summaryrefslogtreecommitdiffstats
path: root/web/html/passreset.php
diff options
context:
space:
mode:
authorLukas Fleischer <archlinux@cryptocrack.de>2011-10-20 08:15:02 +0200
committerLukas Fleischer <archlinux@cryptocrack.de>2011-10-25 09:25:30 +0200
commit10b6a8fff7e6d407421c74889455b969be7f867f (patch)
tree7865ce99ce1d45e7261f32c539ed42ab7f265823 /web/html/passreset.php
parente1687f18302a49b5d1b57aceb703fffe09c76375 (diff)
downloadaur-10b6a8fff7e6d407421c74889455b969be7f867f.tar.gz
aur-10b6a8fff7e6d407421c74889455b969be7f867f.tar.xz
Wrap mysql_real_escape_string() in a function
Wrap mysql_real_escape_string() in a wrapper function db_escape_string() to ease porting to other databases, and as another step to pulling more of the database code into a central location. This is a rebased version of a patch by elij submitted about half a year ago. Thanks-to: elij <elij.mx@gmail.com> Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de> Conflicts: web/lib/aur.inc.php
Diffstat (limited to 'web/html/passreset.php')
-rw-r--r--web/html/passreset.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/web/html/passreset.php b/web/html/passreset.php
index ed5d4d31..97fbebb0 100644
--- a/web/html/passreset.php
+++ b/web/html/passreset.php
@@ -40,8 +40,8 @@ if (isset($_GET['resetkey'], $_POST['email'], $_POST['password'], $_POST['confir
Salt = '$salt',
ResetKey = ''
WHERE ResetKey != ''
- AND ResetKey = '".mysql_real_escape_string($resetkey)."'
- AND Email = '".mysql_real_escape_string($email)."'";
+ AND ResetKey = '".db_escape_string($resetkey)."'
+ AND Email = '".db_escape_string($email)."'";
$result = db_query($q, $dbh);
if (!mysql_affected_rows($dbh)) {
$error = __('Invalid e-mail and reset key combination.');