From 3972bf598195efba3e73ae1fef3faceabeb50308 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@fakecake.org>
Date: Fri, 22 Mar 2013 09:14:55 +0400
Subject: db_escape_string: specify link parameter for consistency; sessions:
 do not force-close db connection in _close()

---
 classes/auth/base.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'classes/auth')

diff --git a/classes/auth/base.php b/classes/auth/base.php
index aa9d657a4..ad7ff3646 100644
--- a/classes/auth/base.php
+++ b/classes/auth/base.php
@@ -21,7 +21,7 @@ class Auth_Base {
 			$user_id = $this->find_user_by_login($login);
 
 			if (!$user_id) {
-				$login = db_escape_string($login);
+				$login = db_escape_string($this->link, $login);
 				$salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
 				$pwd_hash = encrypt_password($password, $salt, true);
 
@@ -42,7 +42,7 @@ class Auth_Base {
 	}
 
 	function find_user_by_login($login) {
-		$login = db_escape_string($login);
+		$login = db_escape_string($this->link, $login);
 
 		$result = db_query($this->link, "SELECT id FROM ttrss_users WHERE
 			login = '$login'");
-- 
cgit v1.2.3