From 29c974a320078c3169cade013235b6ad1a26302e Mon Sep 17 00:00:00 2001
From: nveid <nveid@ispconfig3>
Date: Wed, 07 Dec 2011 03:53:55 -0500
Subject: [PATCH] Updated some escape string methods outside of db_mysql_inc.php to use the standardize app->db->quote method already established.
---
interface/lib/classes/remoting_lib.inc.php | 8 ++++----
1 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/interface/lib/classes/remoting_lib.inc.php b/interface/lib/classes/remoting_lib.inc.php
index 8f001cd..a9dd870 100644
--- a/interface/lib/classes/remoting_lib.inc.php
+++ b/interface/lib/classes/remoting_lib.inc.php
@@ -294,7 +294,7 @@
* @return record
*/
function encode($record) {
-
+ global $app;
if(is_array($record)) {
foreach($this->formDef['fields'] as $key => $field) {
@@ -303,14 +303,14 @@
switch ($field['datatype']) {
case 'VARCHAR':
if(!@is_array($record[$key])) {
- $new_record[$key] = (isset($record[$key]))?mysql_real_escape_string($record[$key]):'';
+ $new_record[$key] = (isset($record[$key]))?$app->db->quote($record[$key]):'';
} else {
$new_record[$key] = implode($field['separator'],$record[$key]);
}
break;
case 'TEXT':
if(!is_array($record[$key])) {
- $new_record[$key] = mysql_real_escape_string($record[$key]);
+ $new_record[$key] = $app->db->quote($record[$key]);
} else {
$new_record[$key] = implode($field['separator'],$record[$key]);
}
@@ -347,7 +347,7 @@
//if($key == 'refresh') die($record[$key]);
break;
case 'DOUBLE':
- $new_record[$key] = mysql_real_escape_string($record[$key]);
+ $new_record[$key] = $app->db->quote($record[$key]);
break;
case 'CURRENCY':
$new_record[$key] = str_replace(",",".",$record[$key]);
--
Gitblit v1.9.1