server/lib/classes/db_mysql.inc.php
@@ -163,7 +163,12 @@ // Check der variablen function quote($formfield) { return addslashes($formfield); if(!$this->connect()){ $this->updateError('WARNING: mysql_connect: Used addslashes instead of mysql_real_escape_string'); return addslashes($formfield); } return mysql_real_escape_string($formfield); } // Check der variablen