From 0935854d49e3a269a83b81f764147853a04b711c Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Sat, 20 Sep 2008 04:20:06 -0400
Subject: [PATCH] Fixed a bug in tform.inc.php

---
 interface/lib/classes/db_mysql.inc.php |   12 ++++++++----
 1 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/interface/lib/classes/db_mysql.inc.php b/interface/lib/classes/db_mysql.inc.php
index 3266155..ca3b38c 100644
--- a/interface/lib/classes/db_mysql.inc.php
+++ b/interface/lib/classes/db_mysql.inc.php
@@ -160,10 +160,14 @@
         return $this->quote($formfield);
     }
 		
-	/** Escapes quotes in variable. addslashes() */
+	/** Escapes quotes in variable. mysql_real_escape_string() */
     public function quote($formfield)
-    {
-        return addslashes($formfield);
+    {	
+		if(!$this->connect()){
+			$this->updateError('WARNING: mysql_connect: Used addslashes instead of mysql_real_escape_string');
+			return addslashes($formfield);
+		}
+        return mysql_real_escape_string($formfield, $this->linkId);
     }
 		
 	/** Unquotes a variable, strip_slashes() */
@@ -278,7 +282,7 @@
 		return true;
 	}
 	
-	//** Updates a record and saves the changes into the datalog
+	//** Inserts a record and saves the changes into the datalog
 	public function datalogInsert($tablename, $insert_data, $index_field) {
 		global $app;
 		

--
Gitblit v1.9.1