From 2cb1563f63386b35a69e460051aa9b4a2851d104 Mon Sep 17 00:00:00 2001
From: ftimme <ft@falkotimme.com>
Date: Wed, 30 May 2012 07:30:44 -0400
Subject: [PATCH] - Added (clickable) placeholders to client messaging function. - Added check so that the client password isn't inserted into the message (for security reasons).

---
 interface/web/mail/mail_user_del.php |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/interface/web/mail/mail_user_del.php b/interface/web/mail/mail_user_del.php
index ecbffb5..a6d5346 100644
--- a/interface/web/mail/mail_user_del.php
+++ b/interface/web/mail/mail_user_del.php
@@ -54,7 +54,7 @@
 	function onBeforeDelete() {
 		global $app; $conf;
 			
-			$tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = '".mysql_real_escape_string($this->dataRecord["email"])."'");
+			$tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = '".$app->db->quote($this->dataRecord["email"])."'");
 			$app->db->datalogDelete('spamfilter_users', 'id', $tmp_user["id"]);
 			
 			$tmp_filters = $app->db->queryAllRecords("SELECT filter_id FROM mail_user_filter WHERE mailuser_id = '".$this->id."'");

--
Gitblit v1.9.1