123 if (is_numeric($record['zid'])) { |
123 if (is_numeric($record['zid'])) { |
124 if (validate_input($record['zid'], $record['type'], $record['content'], $record['name'], $record['prio'], $record['ttl'])) { |
124 if (validate_input($record['zid'], $record['type'], $record['content'], $record['name'], $record['prio'], $record['ttl'])) { |
125 $query = "UPDATE records |
125 $query = "UPDATE records |
126 SET name=".$db->quote($record['name'], 'text').", |
126 SET name=".$db->quote($record['name'], 'text').", |
127 type=".$db->quote($record['type'], 'text').", |
127 type=".$db->quote($record['type'], 'text').", |
128 content=" . $db->quote($record['content'], 'text') . ", |
128 content=" . $db->quote(addslashes($record['content']), 'text') . ", |
129 ttl=".$db->quote($record['ttl'], 'integer').", |
129 ttl=".$db->quote($record['ttl'], 'integer').", |
130 prio=".$db->quote($record['prio'], 'integer').", |
130 prio=".$db->quote($record['prio'], 'integer').", |
131 change_date=".$db->quote(time(), 'integer')." |
131 change_date=".$db->quote(time(), 'integer')." |
132 WHERE id=".$db->quote($record['rid'], 'integer'); |
132 WHERE id=".$db->quote($record['rid'], 'integer'); |
133 $result = $db->Query($query); |
133 $result = $db->Query($query); |