diff options
author | Michael Tänzer <neo@nhng.de> | 2014-04-30 23:29:24 +0200 |
---|---|---|
committer | Michael Tänzer <neo@nhng.de> | 2014-05-01 02:11:07 +0200 |
commit | 70b829a7d195f8dbd0c26f2928d623f83caf5a58 (patch) | |
tree | a67aec4f87fd3353452945855a9fa4deeeb425c7 | |
parent | a11cfcccaad26310d539c9dd70857d1eae72badd (diff) | |
download | cacert-devel-70b829a7d195f8dbd0c26f2928d623f83caf5a58.tar.gz cacert-devel-70b829a7d195f8dbd0c26f2928d623f83caf5a58.tar.xz cacert-devel-70b829a7d195f8dbd0c26f2928d623f83caf5a58.zip |
bug 1138: Avoid double escaping
Yes it's ugly but should be fixed in a separate bug
Signed-off-by: Michael Tänzer <neo@nhng.de>
-rw-r--r-- | includes/account.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/includes/account.php b/includes/account.php index 7fc5ef2..ab30813 100644 --- a/includes/account.php +++ b/includes/account.php @@ -151,7 +151,7 @@ function buildSubjectFromSession() { exit; } $hash = make_hash(); - $query = "insert into `email` set `email`='".mysql_real_escape_string($_REQUEST['email'])."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'"; + $query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'"; mysql_query($query); $emailid = mysql_insert_id(); |