From 029591964885e4a9010838cd9ae9824267dc63fc Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Thu, 21 Mar 2013 21:42:11 +0400 Subject: attempt fix db_escape_string() invocation in sessions.php --- include/db.php | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'include/db.php') diff --git a/include/db.php b/include/db.php index f1a7af363..17437142b 100644 --- a/include/db.php +++ b/include/db.php @@ -41,13 +41,17 @@ function db_connect($host, $user, $pass, $db) { } } -function db_escape_string($s, $strip_tags = true) { +function db_escape_string($s, $strip_tags = true, $link = NULL) { if ($strip_tags) $s = strip_tags($s); if (DB_TYPE == "pgsql") { - return pg_escape_string($s); + if ($link) { + return pg_escape_string($link, $s); + } else { + return pg_escape_string($s); + } } else { - return mysql_real_escape_string($s); + return mysql_real_escape_string($s, $link); } } -- cgit v1.2.3