diff options
-rw-r--r-- | include/db.php | 10 | ||||
-rw-r--r-- | include/sessions.php | 2 |
2 files changed, 8 insertions, 4 deletions
diff --git a/include/db.php b/include/db.php index f1a7af363..17437142b 100644 --- a/include/db.php +++ b/include/db.php @@ -41,13 +41,17 @@ function db_connect($host, $user, $pass, $db) { } } -function db_escape_string($s, $strip_tags = true) { +function db_escape_string($s, $strip_tags = true, $link = NULL) { if ($strip_tags) $s = strip_tags($s); if (DB_TYPE == "pgsql") { - return pg_escape_string($s); + if ($link) { + return pg_escape_string($link, $s); + } else { + return pg_escape_string($s); + } } else { - return mysql_real_escape_string($s); + return mysql_real_escape_string($s, $link); } } diff --git a/include/sessions.php b/include/sessions.php index 2cef1d91b..7d9b19bd5 100644 --- a/include/sessions.php +++ b/include/sessions.php @@ -53,7 +53,7 @@ $expire = time() + $session_expire; - $data = db_escape_string(base64_encode($data), $session_connection); + $data = db_escape_string(base64_encode($data), false, $session_connection); if ($session_read) { $query = "UPDATE ttrss_sessions SET data='$data', |