diff options
| author | Lukas Fleischer <archlinux@cryptocrack.de> | 2011-10-20 08:15:02 +0200 |
|---|---|---|
| committer | Lukas Fleischer <archlinux@cryptocrack.de> | 2011-10-25 09:25:30 +0200 |
| commit | 10b6a8fff7e6d407421c74889455b969be7f867f (patch) | |
| tree | 7865ce99ce1d45e7261f32c539ed42ab7f265823 /web/html/passreset.php | |
| parent | e1687f18302a49b5d1b57aceb703fffe09c76375 (diff) | |
| download | aurweb-10b6a8fff7e6d407421c74889455b969be7f867f.tar.xz | |
Wrap mysql_real_escape_string() in a function
Wrap mysql_real_escape_string() in a wrapper function db_escape_string()
to ease porting to other databases, and as another step to pulling more
of the database code into a central location.
This is a rebased version of a patch by elij submitted about half a year
ago.
Thanks-to: elij <elij.mx@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
Conflicts:
web/lib/aur.inc.php
Diffstat (limited to 'web/html/passreset.php')
| -rw-r--r-- | web/html/passreset.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/web/html/passreset.php b/web/html/passreset.php index ed5d4d3..97fbebb 100644 --- a/web/html/passreset.php +++ b/web/html/passreset.php @@ -40,8 +40,8 @@ if (isset($_GET['resetkey'], $_POST['email'], $_POST['password'], $_POST['confir Salt = '$salt', ResetKey = '' WHERE ResetKey != '' - AND ResetKey = '".mysql_real_escape_string($resetkey)."' - AND Email = '".mysql_real_escape_string($email)."'"; + AND ResetKey = '".db_escape_string($resetkey)."' + AND Email = '".db_escape_string($email)."'"; $result = db_query($q, $dbh); if (!mysql_affected_rows($dbh)) { $error = __('Invalid e-mail and reset key combination.'); |