Quotes in custom fields
Hello.
Sendy crashes (fails to save a subscriber, but sends out confirmation emails) if any of the custom fields contains quotes.
Fix:
in subscribe php update line 169 from:
$cf_vals .= $value;
to
$cf_vals .= mysql_real_escape_string($value);
This discussion has been closed.
Comments
Also isn't it a better idea to store custom fields serialized or json encoled rather than glued with '%s%' in database? looks like a more solid approach
Thanks Dmitrii. I'll probably use
mysqli_real_escape_stringinstead ofmysql_real_escape_stringif I decide to go with this fix.mysql_*extension will be deprecated in PHP 5.5.Ben
This is now fixed in version 1.1.7.