From 7ba4da9525d19116d954c4f8e40fdc9e09e0f8ce Mon Sep 17 00:00:00 2001
From: tipaul <tipaul>
Date: Wed, 23 Nov 2005 21:02:16 +0000
Subject: [PATCH] =?UTF-8?q?il=20faut=20aussi=20=E9chapper=20la=20note=20?=
 =?UTF-8?q?=E0=20l'insertion.=20merci=20Eldy=20de=20m'avoir=20montr=E9=20a?=
 =?UTF-8?q?ddslashes=20au=20lieu=20de=20mysql=5F...=20que=20j'avais=20fait?=
 =?UTF-8?q?=20pr=E9c=E9demment.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 htdocs/fichinter/fichinter.class.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/fichinter/fichinter.class.php b/htdocs/fichinter/fichinter.class.php
index 0b7d3994c2f..649105c34d8 100644
--- a/htdocs/fichinter/fichinter.class.php
+++ b/htdocs/fichinter/fichinter.class.php
@@ -88,7 +88,7 @@ class Fichinter
             $sql .=  ",fk_projet";
         }
         $sql .= ") ";
-        $sql .= " VALUES ($this->socidp, $this->date, now(), '$this->ref', $this->author, '$this->note', $this->duree";
+        $sql .= " VALUES ($this->socidp, $this->date, now(), '$this->ref', $this->author, '".addslashes($this->note)."', $this->duree";
         if ($this->projet_id) {
             $sql .= ", $this->projet_id";
         }