diff --git a/classes/Admin.php b/classes/Admin.php
index 29f8711..d9a5180 100644
--- a/classes/Admin.php
+++ b/classes/Admin.php
@@ -884,7 +884,7 @@ public static function ProcessWidgetUpload() {
// if category is set in widget options, force to use this. security done with nonce checking ($_POST['cat'] is reliable)
if ($_POST['cat'] >= 0)
$_POST['file_category'] = $_POST['cat'];
- $result = WPFB_Admin::InsertFile(stripslashes_deep(array_merge($_POST, $_FILES, array('frontend_upload' => true, 'form' => empty($form) ? null : $form))));
+ $result = WPFB_Admin::InsertFile(array_merge($_FILES, stripslashes_deep(array_merge($_POST, array('frontend_upload' => true, 'form' => empty($form) ? null : $form)))));
if (isset($result['error']) && $result['error']) {
$content .= '';
$title .= __('Error');
diff --git a/classes/AdminGuiFiles.php b/classes/AdminGuiFiles.php
index af8f99e..9df9033 100644
--- a/classes/AdminGuiFiles.php
+++ b/classes/AdminGuiFiles.php
@@ -79,7 +79,7 @@ static function Display()
$_POST['file_date'] = sprintf( "%04d-%02d-%02d %02d:%02d:%02d", $aa, $mm, $jj, $hh, $mn, $ss );
}
- $result = WPFB_Admin::InsertFile(stripslashes_deep(array_merge($_POST, $_FILES)), true);
+ $result = WPFB_Admin::InsertFile(array_merge(stripslashes_deep($_POST), $_FILES), true);
if(isset($result['error']) && $result['error']) {
$message = $result['error'] . '
' . __("Go back") . '';
} else {
diff --git a/screens/editor-plugin.php b/screens/editor-plugin.php
index b60696b..381188a 100644
--- a/screens/editor-plugin.php
+++ b/screens/editor-plugin.php
@@ -268,7 +268,7 @@ function insBrowserTag()
if(!wp_verify_nonce($_POST['wpfb-file-nonce'], $nonce_action."-editor") && !wp_verify_nonce($_POST['wpfb-file-nonce'], $nonce_action) )
wp_die(__('Cheatin’ uh?'));
- $result = WPFB_Admin::InsertFile(stripslashes_deep(array_merge($_POST, $_FILES)));
+ $result = WPFB_Admin::InsertFile(array_merge(stripslashes_deep($_POST), $_FILES));
if(isset($result['error']) && $result['error']) {
?>
-