From 29c974a320078c3169cade013235b6ad1a26302e Mon Sep 17 00:00:00 2001
From: nveid <nveid@ispconfig3>
Date: Wed, 07 Dec 2011 03:53:55 -0500
Subject: [PATCH] Updated some escape string methods outside of db_mysql_inc.php to use the standardize app->db->quote method already established.

---
 interface/lib/classes/listform.inc.php |    7 ++++---
 1 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/interface/lib/classes/listform.inc.php b/interface/lib/classes/listform.inc.php
index d4b1390..4f03c68 100644
--- a/interface/lib/classes/listform.inc.php
+++ b/interface/lib/classes/listform.inc.php
@@ -347,6 +347,7 @@
 
     public function encode($record)
     {
+	global $app;
         if(is_array($record)) {
             foreach($this->listDef['item'] as $field){
                 $key = $field['field'];
@@ -355,7 +356,7 @@
                     case 'VARCHAR':
                     case 'TEXT':
                         if(!is_array($record[$key])) {
-                            $record[$key] = mysql_real_escape_string($record[$key]);
+                            $record[$key] = $app->db->quote($record[$key]);
                         } else {
                             $record[$key] = implode($this->tableDef[$key]['separator'],$record[$key]);
                         }
@@ -384,7 +385,7 @@
                         break;
 
                     case 'DOUBLE':
-                        $record[$key] = mysql_real_escape_string($record[$key]);
+                        $record[$key] = $app->db->quote($record[$key]);
                         break;
 
                     case 'CURRENCY':
@@ -422,4 +423,4 @@
 
 }
 
-?>
\ No newline at end of file
+?>

--
Gitblit v1.9.1