summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2014-04-30 23:29:24 +0200
committerMichael Tänzer <neo@nhng.de>2014-05-01 02:11:07 +0200
commit70b829a7d195f8dbd0c26f2928d623f83caf5a58 (patch)
treea67aec4f87fd3353452945855a9fa4deeeb425c7
parenta11cfcccaad26310d539c9dd70857d1eae72badd (diff)
downloadcacert-devel-70b829a7d195f8dbd0c26f2928d623f83caf5a58.tar.gz
cacert-devel-70b829a7d195f8dbd0c26f2928d623f83caf5a58.tar.xz
cacert-devel-70b829a7d195f8dbd0c26f2928d623f83caf5a58.zip
bug 1138: Avoid double escaping
Yes it's ugly but should be fixed in a separate bug Signed-off-by: Michael Tänzer <neo@nhng.de>
-rw-r--r--includes/account.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/includes/account.php b/includes/account.php
index 7fc5ef2..ab30813 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -151,7 +151,7 @@ function buildSubjectFromSession() {
exit;
}
$hash = make_hash();
- $query = "insert into `email` set `email`='".mysql_real_escape_string($_REQUEST['email'])."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
+ $query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
mysql_query($query);
$emailid = mysql_insert_id();