From 6f67c78cf8668e570c5ef7fd4430e3d0e4a66aef Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Sat, 22 Nov 2008 07:49:58 -0500
Subject: [PATCH] Replaced php code for app version in main template with a template variable.

---
 interface/lib/classes/db_mysql.inc.php |   16 ++++++++++------
 1 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/interface/lib/classes/db_mysql.inc.php b/interface/lib/classes/db_mysql.inc.php
index eaa57b0..ec9a1f3 100644
--- a/interface/lib/classes/db_mysql.inc.php
+++ b/interface/lib/classes/db_mysql.inc.php
@@ -160,10 +160,14 @@
         return $this->quote($formfield);
     }
 		
-	/** Escapes quotes in variable. addslashes() */
+	/** Escapes quotes in variable. mysql_real_escape_string() */
     public function quote($formfield)
-    {
-        return addslashes($formfield);
+    {	
+		if(!$this->connect()){
+			$this->updateError('WARNING: mysql_connect: Used addslashes instead of mysql_real_escape_string');
+			return addslashes($formfield);
+		}
+        return mysql_real_escape_string($formfield, $this->linkId);
     }
 		
 	/** Unquotes a variable, strip_slashes() */
@@ -246,10 +250,10 @@
 			}
 		} elseif(is_array($record_new)) {
 			foreach($record_new as $key => $val) {
-				if(isset($record_new[$key]) && $record_old[$key] != $val) {
+				if(isset($record_new[$key]) && @$record_old[$key] != $val) {
 					// Record has changed
 					$diffrec_full['new'][$key] = $val;
-					$diffrec_full['old'][$key] = $record_old[$key];
+					$diffrec_full['old'][$key] = @$record_old[$key];
 					$diff_num++;
 				} else {
 					$diffrec_full['new'][$key] = $val;
@@ -288,7 +292,7 @@
 		$new_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'");
 		$this->datalogSave($tablename, 'INSERT', $index_field, $index_value, $old_rec, $new_rec);
 		
-		return true;
+		return $index_value;
 	}
 	
 	//** Updates a record and saves the changes into the datalog

--
Gitblit v1.9.1