bored

A micro PHP framework
git clone git://git.bitsmanent.org/bored
Log | Files | Refs | README
commit 8b8ac50864ae09d1128df0dedaab3179e2181366
parent 94448a099a3e8533e1a084c4056a5c7a7134c5cb
Author: Claudio Alessi <smoppy@gmail.com>
Date:   Wed, 26 Jun 2019 15:53:54 +0200

dbin() now use mysqli_real_escape_string().
Also get rid of dbout().

Diffstat:

Mbored.php | 8+++-----


1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/bored.php b/bored.php
@@ -171,15 +171,13 @@ function dberr($l = NULL) {
 }
 
 function dbin($s) {
+	global $dblink;
+
 	if($s === NULL)
 		return "NULL";
 	if($s == "CURRENT_TIMESTAMP")
 		return $s;
-	return "'".addslashes(htmlentities($s, ENT_QUOTES, 'UTF-8'))."'";
-}
-
-function dbout($s) {
-	return stripslashes(html_entity_decode($s, ENT_QUOTES, 'UTF-8'));
+	return "'".mysqli_real_escape_string($dblink, $s)."'";
 }
 
 function dbids() {