From 323d418f02074613241d65b9cabbfd65afea9abe Mon Sep 17 00:00:00 2001 From: Lukas Fleischer Date: Thu, 20 Oct 2011 08:15:02 +0200 Subject: Wrap mysql_real_escape_string() in a function Wrap mysql_real_escape_string() in a wrapper function db_escape_string() to ease porting to other databases, and as another step to pulling more of the database code into a central location. This is a rebased version of a patch by elij submitted about half a year ago. Thanks-to: elij Signed-off-by: Lukas Fleischer --- web/lib/stats.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'web/lib/stats.inc.php') diff --git a/web/lib/stats.inc.php b/web/lib/stats.inc.php index 2690a5c..8f0f770 100644 --- a/web/lib/stats.inc.php +++ b/web/lib/stats.inc.php @@ -20,7 +20,7 @@ function updates_table($dbh) function user_table($user, $dbh) { - $escuser = mysql_real_escape_string($user); + $escuser = db_escape_string($user); $base_q = "SELECT count(*) FROM Packages,Users WHERE Packages.MaintainerUID = Users.ID AND Users.Username='" . $escuser . "'"; $maintainer_unsupported_count = db_cache_value($base_q, $dbh, -- cgit v1.2.3-70-g09d2