From 10b6a8fff7e6d407421c74889455b969be7f867f Mon Sep 17 00:00:00 2001
From: Lukas Fleischer <archlinux@cryptocrack.de>
Date: Thu, 20 Oct 2011 08:15:02 +0200
Subject: Wrap mysql_real_escape_string() in a function

Wrap mysql_real_escape_string() in a wrapper function db_escape_string()
to ease porting to other databases, and as another step to pulling more
of the database code into a central location.

This is a rebased version of a patch by elij submitted about half a year
ago.

Thanks-to: elij <elij.mx@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>

Conflicts:

	web/lib/aur.inc.php
---
 web/html/account.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'web/html/account.php')

diff --git a/web/html/account.php b/web/html/account.php
index ca05d1ac..387fd938 100644
--- a/web/html/account.php
+++ b/web/html/account.php
@@ -111,7 +111,7 @@ if (isset($_COOKIE["AURSID"])) {
 			$q.= "WHERE AccountTypes.ID = Users.AccountTypeID ";
 			$q.= "AND Users.ID = Sessions.UsersID ";
 			$q.= "AND Sessions.SessionID = '";
-			$q.= mysql_real_escape_string($_COOKIE["AURSID"])."'";
+			$q.= db_escape_string($_COOKIE["AURSID"])."'";
 			$result = db_query($q, $dbh);
 			if (!mysql_num_rows($result)) {
 				print __("Could not retrieve information for the specified user.");
-- 
cgit v1.2.3-24-g4f1b