Fixes

[mailer.git] / inc / db / lib-mysql3.php

diff --git a/inc/db/lib-mysql3.php b/inc/db/lib-mysql3.php
index 5d346e48ff5ac65462357d97aadd9a9b2921f24a..c9b033172e552df591a0389b62c12f4f02338afa 100644 (file)
--- a/inc/db/lib-mysql3.php
+++ b/inc/db/lib-mysql3.php
@@ -295,6 +295,9 @@ function SQL_INSERTID () {
 function SQL_ESCAPE ($str, $secureString = true, $strip = true) {
        // Do we have cache?
        if (!isset($GLOBALS['sql_escapes'][''.$str.''])) {
+               // Prepare the string here
+               $str = SQL_PREPARE_SQL_STRING($str);
+
                // Secure string first? (which is the default behaviour!)
                if ($secureString === true) {
                        // Then do it here
@@ -541,12 +544,11 @@ function SQL_HASZEROAFFECTED () {
 function SQL_PREPARE_SQL_STRING ($sqlString, $enableCodes = true) {
        // Is it already cached?
        if (!isset($GLOBALS['sql_strings'][$sqlString])) {
-               // Compile config+expression code
-               $sqlString2 = FILTER_COMPILE_EXPRESSION_CODE(FILTER_COMPILE_CONFIG($sqlString));
+               // Compile URI codes+config+expression code
+               $sqlString2 = FILTER_COMPILE_EXPRESSION_CODE(FILTER_COMPILE_CONFIG(compileUriCode($sqlString)));
 
                // Do final compilation
                $GLOBALS['sql_strings'][$sqlString] = doFinalCompilation($sqlString2, false, $enableCodes);
-               //die($sqlString.'<br />'.$sqlString2.'<br />'.$GLOBALS['sql_strings'][$sqlString]);
        } // END - if
 
        // Return it