X-Git-Url: http://git.sourceforge.jp/view?p=nucleus-jp%2Fnucleus-jp-ancient.git;a=blobdiff_plain;f=utf8%2Fnucleus%2Fupgrades%2Fupgrade1.5.php;h=a9450aa7fd851968f71682041b0506fe993603f5;hp=3040d2f91e2deb87484c105f42c9137ad380325b;hb=7a9ab741d74fc3e819af9b1e23a2bb6a28e00297;hpb=1abade2c6f1ef6acdea5b904d930649a83893898

diff --git a/utf8/nucleus/upgrades/upgrade1.5.php b/utf8/nucleus/upgrades/upgrade1.5.php
index 3040d2f..a9450aa 100755
--- a/utf8/nucleus/upgrades/upgrade1.5.php
+++ b/utf8/nucleus/upgrades/upgrade1.5.php
@@ -87,7 +87,7 @@ function upgrade_do150() {
     $res = sql_query('SELECT * FROM '.sql_table('template').' WHERE tpartname=\'DATE_HEADER\'');
     while ($o = mysql_fetch_object($res)) {
         $newval = str_replace('<%daylink%>','<%%daylink%%>',$o->tcontent);
-        $query = 'UPDATE '.sql_table('template').' SET tcontent=\''. addslashes($newval).'\' WHERE tdesc=' . $o->tdesc . ' AND tpartname=\'DATE_HEADER\'';
+        $query = 'UPDATE '.sql_table('template').' SET tcontent=\''. sql_real_escape_string($newval).'\' WHERE tdesc=' . $o->tdesc . ' AND tpartname=\'DATE_HEADER\'';
         upgrade_query('Updating DATE_HEADER part in template ' . $o->tdesc, $query);
     }
     
@@ -96,7 +96,7 @@ function upgrade_do150() {
     while ($o = mysql_fetch_object($res)) {
         if (!strstr($o->tcontent,'<%comments%>')) {
             $newval = $o->tcontent . '<%comments%>';
-            $query = 'UPDATE '.sql_table('template').' SET tcontent=\''. addslashes($newval).'\' WHERE tdesc=' . $o->tdesc . ' AND tpartname=\'ITEM\'';
+            $query = 'UPDATE '.sql_table('template').' SET tcontent=\''. sql_real_escape_string($newval).'\' WHERE tdesc=' . $o->tdesc . ' AND tpartname=\'ITEM\'';
             upgrade_query('Updating ITEM part in template ' . $o->tdesc, $query);
         }
     }