Project

General

Profile

« Previous | Next » 

Revision 1868

Added by Dietmar over 11 years ago

! change mysql_esc_string to WbDatabase::getInstance()->escapeStrinng()

View differences:

email.php
46 46 
    			if(!$wb->validate_email($email)){
47 47 
    				$error[] = ($MESSAGE['USERS_INVALID_EMAIL']);
48 48 
    			} else {
49 
        			$email = mysql_escape_string($email);
49 
        			$email = $database->escapeString($email);
50 50 
                    // Update the database
51 51 
        			$sql = "UPDATE `".TABLE_PREFIX."users` SET `email` = '".$email."' WHERE `user_id` = ".$wb->get_user_id();
52 52 
        			$database->query($sql);

Also available in: Unified diff