diff options
| author | swiergot <swiergot> | 2007-09-20 17:33:04 +0200 |
|---|---|---|
| committer | swiergot <swiergot> | 2007-09-20 17:33:04 +0200 |
| commit | 0b92839bee80fc2ba6ea67be1e48d176c0d242bc (patch) | |
| tree | 6aa8f1250ffe26ffe980d5aa77205586a236dfb0 /web/html/account.php | |
| parent | 9ab02ad6a752e993bad3fe991a6a16a26d7cfcdd (diff) | |
| download | aur-0b92839bee80fc2ba6ea67be1e48d176c0d242bc.tar.gz aur-0b92839bee80fc2ba6ea67be1e48d176c0d242bc.tar.xz | |
- Applied a patch from Loui to fix session removal.
- Replaced all occurences of mysql_escape_string()
with mysql_real_escape_string().
Diffstat (limited to 'web/html/account.php')
| -rw-r--r-- | web/html/account.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/web/html/account.php b/web/html/account.php index eeb1e407..fba90dd6 100644 --- a/web/html/account.php +++ b/web/html/account.php @@ -106,7 +106,7 @@ if (isset($_COOKIE["AURSID"])) { $q.= "WHERE AccountTypes.ID = Users.AccountTypeID "; $q.= "AND Users.ID = Sessions.UsersID "; $q.= "AND Sessions.SessionID = '"; - $q.= mysql_escape_string($_COOKIE["AURSID"])."'"; + $q.= mysql_real_escape_string($_COOKIE["AURSID"])."'"; $result = db_query($q, $dbh); if (!mysql_num_rows($result)) { print __("Could not retrieve information for the specified user."); |