external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Wrap mysql_real_escape_string() in a function

Browse source 
Wrap mysql_real_escape_string() in a wrapper function db_escape_string()
to ease porting to other databases, and as another step to pulling more
of the database code into a central location.

This is a rebased version of a patch by elij submitted about half a year
ago.

Thanks-to: elij <elij.mx@gmail.com>
Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
This commit is contained in:
Lukas Fleischer 2011-10-20 08:15:02 +02:00
parent 54d5dcc6e8
commit 323d418f02
12 changed files with 66 additions and 61 deletions
Download patch file Download diff file Expand all files Collapse all files

4
web/html/passreset.php
View file

@ -40,8 +40,8 @@ if (isset($_GET['resetkey'], $_POST['email'], $_POST['password'], $_POST['confir
Salt = '$salt',
ResetKey = ''
WHERE ResetKey != ''
AND ResetKey = '".mysql_real_escape_string($resetkey)."'
AND Email = '".mysql_real_escape_string($email)."'";
AND ResetKey = '".db_escape_string($resetkey)."'
AND Email = '".db_escape_string($email)."'";
$result = db_query($q, $dbh);
if (!mysql_affected_rows($dbh)) {
$error = __('Invalid e-mail and reset key combination.');