Ops, one more left ...

[friendica.git] / mod / register.php

diff --git a/mod/register.php b/mod/register.php
index aa0f2f59bc1ece7c3f48562455ab9f7e0046f734..b851faf2d6225f471e5cec43e93270b4beab3978 100644 (file)
--- a/mod/register.php
+++ b/mod/register.php
@@ -11,6 +11,7 @@ use Friendica\Core\L10n;
 use Friendica\Core\PConfig;
 use Friendica\Core\System;
 use Friendica\Core\Worker;
+use Friendica\Database\DBA;
 use Friendica\Model\User;
 use Friendica\Module\Tos;
 use Friendica\Util\DateTimeFormat;
@@ -85,14 +86,14 @@ function register_post(App $a)
 
        if (intval(Config::get('config', 'register_policy')) === REGISTER_OPEN) {
                if ($using_invites && $invite_id) {
-                       q("delete * from register where hash = '%s' limit 1", dbesc($invite_id));
+                       q("delete * from register where hash = '%s' limit 1", DBA::escape($invite_id));
                        PConfig::set($user['uid'], 'system', 'invites_remaining', $num_invites);
                }
 
                // Only send a password mail when the password wasn't manually provided
                if (!x($_POST, 'password1') || !x($_POST, 'confirm')) {
                        $res = User::sendRegisterOpenEmail(
-                                       $user['email'], Config::get('config', 'sitename'), System::baseUrl(), $user['username'], $result['password']);
+                                       $user['email'], Config::get('config', 'sitename'), System::baseUrl(), $user['username'], $result['password'], $user);
 
                        if ($res) {
                                info(L10n::t('Registration successful. Please check your email for further instructions.') . EOL);
@@ -117,22 +118,22 @@ function register_post(App $a)
 
                $hash = random_string();
                $r = q("INSERT INTO `register` ( `hash`, `created`, `uid`, `password`, `language`, `note` ) VALUES ( '%s', '%s', %d, '%s', '%s', '%s' ) ",
-                       dbesc($hash),
-                       dbesc(DateTimeFormat::utcNow()),
+                       DBA::escape($hash),
+                       DBA::escape(DateTimeFormat::utcNow()),
                        intval($user['uid']),
-                       dbesc($result['password']),
-                       dbesc(Config::get('system', 'language')),
-                       dbesc($_POST['permonlybox'])
+                       DBA::escape($result['password']),
+                       DBA::escape(Config::get('system', 'language')),
+                       DBA::escape($_POST['permonlybox'])
                );
 
                // invite system
                if ($using_invites && $invite_id) {
-                       q("DELETE * FROM `register` WHERE `hash` = '%s' LIMIT 1", dbesc($invite_id));
+                       q("DELETE * FROM `register` WHERE `hash` = '%s' LIMIT 1", DBA::escape($invite_id));
                        PConfig::set($user['uid'], 'system', 'invites_remaining', $num_invites);
                }
 
                // send email to admins
-               $admin_mail_list = "'" . implode("','", array_map("dbesc", explode(",", str_replace(" ", "", Config::get('config', 'admin_email'))))) . "'";
+               $admin_mail_list = "'" . implode("','", array_map(['Friendica\Database\DBA', 'escape'], explode(",", str_replace(" ", "", Config::get('config', 'admin_email'))))) . "'";
                $adminlist = q("SELECT uid, language, email FROM user WHERE email IN (%s)",
                        $admin_mail_list
                );