From 14df0d4b8d95f4c0240c0bd98c6ce9b74706e3ca Mon Sep 17 00:00:00 2001
From: swiergot <swiergot>
Date: Thu, 16 Aug 2007 00:25:04 +0000
Subject: - Applied a patch from Loui to fix session removal. - Replaced all
 occurences of mysql_escape_string()   with mysql_real_escape_string().

---
 web/html/account.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'web/html/account.php')

diff --git a/web/html/account.php b/web/html/account.php
index eeb1e40..fba90dd 100644
--- a/web/html/account.php
+++ b/web/html/account.php
@@ -106,7 +106,7 @@ if (isset($_COOKIE["AURSID"])) {
 			$q.= "WHERE AccountTypes.ID = Users.AccountTypeID ";
 			$q.= "AND Users.ID = Sessions.UsersID ";
 			$q.= "AND Sessions.SessionID = '";
-			$q.= mysql_escape_string($_COOKIE["AURSID"])."'";
+			$q.= mysql_real_escape_string($_COOKIE["AURSID"])."'";
 			$result = db_query($q, $dbh);
 			if (!mysql_num_rows($result)) {
 				print __("Could not retrieve information for the specified user.");
-- 
cgit v1.2.3-70-g09d2