From 620df024f3d8960a89eb4ed71d3ea61e2b9aa3db Mon Sep 17 00:00:00 2001
From: quentusrex <quentusrex@ispconfig3>
Date: Thu, 30 Oct 2008 13:59:40 -0400
Subject: [PATCH] Now a client can view e-mail filters created by admin, but the client can't edit them. The client can submit a change, but it isn't input in the database, nor is the client told that the changes aren't made.

---
 server/lib/classes/db_mysql.inc.php |    7 ++++++-
 1 files changed, 6 insertions(+), 1 deletions(-)

diff --git a/server/lib/classes/db_mysql.inc.php b/server/lib/classes/db_mysql.inc.php
index bc26ac5..f251532 100644
--- a/server/lib/classes/db_mysql.inc.php
+++ b/server/lib/classes/db_mysql.inc.php
@@ -163,7 +163,12 @@
 		// Check der variablen
         function quote($formfield)
         {
-            return addslashes($formfield);
+            if(!$this->connect()){
+				$this->updateError('WARNING: mysql_connect: Used addslashes instead of mysql_real_escape_string');
+				return addslashes($formfield);
+			}
+			
+			return mysql_real_escape_string($formfield);
         }
 		
 		// Check der variablen

--
Gitblit v1.9.1