(2010-08-14, 01:41 PM)ImperfectShaun Wrote: I'm experiencing an issue when the title contains an apostrophe - the ' character
I know this is is the kinda hole that allows unwanted code to run on mysql.
I'm trying to fix it myself, but you should really update this. Other than this, it appears to work on 1.6, and adds a very good feature most moderation teams should use.
I'll have a look at it, thanks for sharing the issue!
Edit: Thank you! I updated the script, but instead of adding several $db->escape_string() I removed them all in the message template and added it in $reportedpost declaration ( "message" => $db->escape_string( $message ) ).