From ced7398e3c567bd50ec217e176b8dbabdd601f9c Mon Sep 17 00:00:00 2001
From: Bimon <Bimon@ispconfig3>
Date: Tue, 27 Sep 2011 07:19:59 -0400
Subject: [PATCH] line 117 " && $user['active']" removed reason: not necessary here, check is in line 141, when checking in line 117 and setting $user to false user blocked message will never show

---
 interface/lib/classes/form.inc.php |    7 ++++---
 1 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/interface/lib/classes/form.inc.php b/interface/lib/classes/form.inc.php
index c45936a..99f6cfb 100644
--- a/interface/lib/classes/form.inc.php
+++ b/interface/lib/classes/form.inc.php
@@ -1,6 +1,7 @@
 <?php
+
 /*
-Copyright (c) 2005, Till Brehm, projektfarm Gmbh
+Copyright (c) 2007, Till Brehm, projektfarm Gmbh
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification,
@@ -293,7 +294,7 @@
 				switch ($this->tableDef[$key]['datatype']) {
 				case 'VARCHAR':
 					if(!is_array($val)) {
-						$new_record[$key] = addslashes($val);
+						$new_record[$key] = mysql_real_escape_string($val);
 					} else {
 						$new_record[$key] = implode($this->tableDef[$key]['separator'],$val);
 					}
@@ -308,7 +309,7 @@
 					$new_record[$key] = intval($val);
 				break;
 				case 'DOUBLE':
-					$new_record[$key] = addslashes($val);
+					$new_record[$key] = mysql_real_escape_string($val);
 				break;
 				case 'CURRENCY':
 					$new_record[$key] = str_replace(",",".",$val);

--
Gitblit v1.9.1