diff --git a/class/class.settings.php b/class/class.settings.php index 843eacf..0d3784b 100644 --- a/class/class.settings.php +++ b/class/class.settings.php @@ -415,27 +415,27 @@ function settingsSave() // 3. ФОРМИРОВАНИЕ УСЛОВНЫХ И ОБЯЗАТЕЛЬНЫХ ПОЛЕЙ // ---------------------------------------------------- - $mandatory_fields = array( - "mail_smtp_login" => addslashes($_REQUEST['mail_smtp_login']), - "mail_smtp_encrypt" => addslashes($_REQUEST['mail_smtp_encrypt']), - "mail_sendmail_path" => addslashes($_REQUEST['mail_sendmail_path']), - "mail_from_name" => addslashes($_REQUEST['mail_from_name']), - "mail_from" => addslashes($_REQUEST['mail_from']), - "page_not_found_id" => addslashes($_REQUEST['page_not_found_id']), - "mail_port" => addslashes($_REQUEST['mail_port']), - "mail_host" => addslashes($_REQUEST['mail_host']), - "default_country" => addslashes($_REQUEST['default_country']), - "mail_type" => addslashes($_REQUEST['mail_type']), - "mail_content_type" => addslashes($_REQUEST['mail_content_type']), - "mail_word_wrap" => (int)$_REQUEST['mail_word_wrap'], - "mail_new_user" => addslashes($_REQUEST['mail_new_user']), - "mail_signature" => addslashes($_REQUEST['mail_signature']), - "message_forbidden" => addslashes($_REQUEST['message_forbidden']), - "hidden_text" => addslashes($_REQUEST['hidden_text']), - "date_format" => addslashes($_REQUEST['date_format']), - "time_format" => addslashes($_REQUEST['time_format']), - "use_doctime" => intval($_REQUEST['use_doctime']) - ); +$mandatory_fields = array( + "mail_smtp_login" => $_REQUEST['mail_smtp_login'], + "mail_smtp_encrypt" => $_REQUEST['mail_smtp_encrypt'], + "mail_sendmail_path" => $_REQUEST['mail_sendmail_path'], + "mail_from_name" => $_REQUEST['mail_from_name'], + "mail_from" => $_REQUEST['mail_from'], + "page_not_found_id" => $_REQUEST['page_not_found_id'], + "mail_port" => $_REQUEST['mail_port'], + "mail_host" => $_REQUEST['mail_host'], + "default_country" => $_REQUEST['default_country'], + "mail_type" => $_REQUEST['mail_type'], + "mail_content_type" => $_REQUEST['mail_content_type'], + "mail_word_wrap" => (int)$_REQUEST['mail_word_wrap'], + "mail_new_user" => $_REQUEST['mail_new_user'], + "mail_signature" => $_REQUEST['mail_signature'], + "message_forbidden" => $_REQUEST['message_forbidden'], + "hidden_text" => $_REQUEST['hidden_text'], + "date_format" => $_REQUEST['date_format'], + "time_format" => $_REQUEST['time_format'], + "use_doctime" => intval($_REQUEST['use_doctime']) +); // ДОБАВЛЯЕМ ПАРОЛЬ ТОЛЬКО ЕСЛИ ОН БЫЛ ВВЕДЕН ИЛИ ИЗМЕНЕН if ($smtp_pass_encrypted !== null) { @@ -459,18 +459,19 @@ function settingsSave() $set_clauses[] = "{$key} = '{$value}'"; } - // 2. Формируем условные поля - foreach ($conditional_keys as $key) { - if (isset($_REQUEST[$key])) { - $value = $_REQUEST[$key]; - - if (strpos($key, 'bread_') === 0 && (strpos($key, 'show') !== false || strpos($key, 'use') !== false || strpos($key, 'last') !== false)) { - $set_clauses[] = "{$key} = '" . ($value != 0 ? 1 : 0) . "'"; - } else { - $set_clauses[] = "{$key} = '" . addslashes($value) . "'"; - } +// 2. Формируем условные поля +foreach ($conditional_keys as $key) { + if (isset($_REQUEST[$key])) { + $value = $_REQUEST[$key]; + + // Эта ветка обрабатывает числовые/булевы поля, связанные с хлебными крошками (show, use, last) + if (strpos($key, 'bread_') === 0 && (strpos($key, 'show') !== false || strpos($key, 'use') !== false || strpos($key, 'last') !== false)) { + $set_clauses[] = "{$key} = '" . ($value != 0 ? 1 : 0) . "'"; + } else { + $set_clauses[] = "{$key} = '" . $value . "'"; } } +} // Объединяем все части через запятую для SQL $set_string = implode(",\r\n", $set_clauses);