From 3e49cf5f56cfb64e1f3b00cecda8868f6b43f72f Mon Sep 17 00:00:00 2001
From: patdenice <patdenice@piwigo.org>
Date: Wed, 15 Oct 2008 20:58:36 +0000
Subject: Merge from trunk 2752: - change mysql_escape_string function
 (deprecated) by mysql_real_escape_string. - Correction on install.tpl (link
 color).

git-svn-id: http://piwigo.org/svn/branches/2.0@2753 68402e56-0260-453c-a942-63ccdbb3a9ee
---
 include/functions_user.inc.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'include/functions_user.inc.php')

diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index 472487342..02aa2a5d8 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -115,7 +115,7 @@ SELECT MAX('.$conf['user_fields']['id'].') + 1
     $insert =
       array(
         $conf['user_fields']['id'] => $next_id,
-        $conf['user_fields']['username'] => mysql_escape_string($login),
+        $conf['user_fields']['username'] => mysql_real_escape_string($login),
         $conf['user_fields']['password'] => $conf['pass_convert']($password),
         $conf['user_fields']['email'] => $mail_address
         );
@@ -716,7 +716,7 @@ function get_userid($username)
 {
   global $conf;
 
-  $username = mysql_escape_string($username);
+  $username = mysql_real_escape_string($username);
 
   $query = '
 SELECT '.$conf['user_fields']['id'].'
-- 
cgit v1.2.3