From ed7f7a574eeb9b921d4b85c6e8607faac4971a47 Mon Sep 17 00:00:00 2001
From: nikrou <nikrou@piwigo.org>
Date: Wed, 24 Jun 2009 19:00:40 +0000
Subject: Fix two problem with Feature 1026 : use of
 $conf['user_fields']['username'] and $conf['user_fields']['id'] instead of
 username and id escape comment content before editing it.

git-svn-id: http://piwigo.org/svn/trunk@3452 68402e56-0260-453c-a942-63ccdbb3a9ee
---
 include/picture_comment.inc.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'include/picture_comment.inc.php')

diff --git a/include/picture_comment.inc.php b/include/picture_comment.inc.php
index 8845ee47a..e957424f5 100644
--- a/include/picture_comment.inc.php
+++ b/include/picture_comment.inc.php
@@ -128,10 +128,11 @@ SELECT COUNT(*) AS nb_comments
     }
 
     $query = '
-SELECT com.id,author,author_id,username,date,image_id,content,validated
+SELECT com.id,author,author_id,'.$conf['user_fields']['username'].' AS username,
+  date,image_id,content,validated
   FROM '.COMMENTS_TABLE.' AS com
   LEFT JOIN '.USERS_TABLE.' AS u
-    ON u.id = author_id
+    ON u.'.$conf['user_fields']['id'].' = author_id
   WHERE image_id = '.$page['image_id'].
 $validated_clause.'
   ORDER BY date ASC
-- 
cgit v1.2.3