From 29c974a320078c3169cade013235b6ad1a26302e Mon Sep 17 00:00:00 2001
From: nveid <nveid@ispconfig3>
Date: Wed, 07 Dec 2011 03:53:55 -0500
Subject: [PATCH] Updated some escape string methods outside of db_mysql_inc.php to use the standardize app->db->quote method already established.

---
 interface/lib/classes/form.inc.php |    8 ++++----
 1 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/interface/lib/classes/form.inc.php b/interface/lib/classes/form.inc.php
index 99f6cfb..2b2504a 100644
--- a/interface/lib/classes/form.inc.php
+++ b/interface/lib/classes/form.inc.php
@@ -286,7 +286,7 @@
 	* @return record
 	*/
 	function encode($record) {
-		
+		global $app;
 		$this->errorMessage = '';
 		
 		if(is_array($record)) {
@@ -294,7 +294,7 @@
 				switch ($this->tableDef[$key]['datatype']) {
 				case 'VARCHAR':
 					if(!is_array($val)) {
-						$new_record[$key] = mysql_real_escape_string($val);
+						$new_record[$key] = $app->db->quote($val);
 					} else {
 						$new_record[$key] = implode($this->tableDef[$key]['separator'],$val);
 					}
@@ -309,7 +309,7 @@
 					$new_record[$key] = intval($val);
 				break;
 				case 'DOUBLE':
-					$new_record[$key] = mysql_real_escape_string($val);
+					$new_record[$key] = $app->db->quote($val);
 				break;
 				case 'CURRENCY':
 					$new_record[$key] = str_replace(",",".",$val);
@@ -472,4 +472,4 @@
 	
 }
 
-?>
\ No newline at end of file
+?>

--
Gitblit v1.9.1