From 282dff4f18672c22f171768a983a740d1a8e0096 Mon Sep 17 00:00:00 2001 From: Aleksander Machniak Date: Wed, 17 Apr 2013 19:33:42 +0200 Subject: Add rcube_db::escape() method, fix escapeSimple() to use escape instead of quote() --- plugins/virtuser_query/virtuser_query.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'plugins') diff --git a/plugins/virtuser_query/virtuser_query.php b/plugins/virtuser_query/virtuser_query.php index 32522f9d0..9e3dc9071 100644 --- a/plugins/virtuser_query/virtuser_query.php +++ b/plugins/virtuser_query/virtuser_query.php @@ -59,7 +59,7 @@ class virtuser_query extends rcube_plugin { $dbh = $this->get_dbh(); - $sql_result = $dbh->query(preg_replace('/%u/', $dbh->quote($p['user']), $this->config['email'])); + $sql_result = $dbh->query(preg_replace('/%u/', $dbh->escape($p['user']), $this->config['email'])); while ($sql_arr = $dbh->fetch_array($sql_result)) { if (strpos($sql_arr[0], '@')) { @@ -96,7 +96,7 @@ class virtuser_query extends rcube_plugin { $dbh = $this->get_dbh(); - $sql_result = $dbh->query(preg_replace('/%m/', $dbh->quote($p['email']), $this->config['user'])); + $sql_result = $dbh->query(preg_replace('/%m/', $dbh->escape($p['email']), $this->config['user'])); if ($sql_arr = $dbh->fetch_array($sql_result)) { $p['user'] = $sql_arr[0]; @@ -112,7 +112,7 @@ class virtuser_query extends rcube_plugin { $dbh = $this->get_dbh(); - $sql_result = $dbh->query(preg_replace('/%u/', $dbh->quote($p['user']), $this->config['host'])); + $sql_result = $dbh->query(preg_replace('/%u/', $dbh->escape($p['user']), $this->config['host'])); if ($sql_arr = $dbh->fetch_array($sql_result)) { $p['host'] = $sql_arr[0]; -- cgit v1.2.3