addslashes() did escape also single quotes (') which breaks some banner rotation...

[mailer.git] / inc / db / lib-mysql3.php

diff --git a/inc/db/lib-mysql3.php b/inc/db/lib-mysql3.php
index 8c20de47cf773f49493b16cb10013935ec27f249..1c96788f119476f58d7db9bbd08d69f46e1018dc 100644 (file)
--- a/inc/db/lib-mysql3.php
+++ b/inc/db/lib-mysql3.php
@@ -313,8 +313,8 @@ function SQL_ESCAPE ($str, $secureString=true, $strip=true) {
                } // END - if
 
                if (!SQL_IS_LINK_UP()) {
-                       // Fall-back to addslashes() when there is no link
-                       $ret = addslashes($str);
+                       // Fall-back to escapeQuotes() when there is no link
+                       $ret = escapeQuotes($str);
                } elseif (function_exists('mysql_real_escape_string')) {
                        // The new and improved version
                        //* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, 'str='.$str);
@@ -323,8 +323,8 @@ function SQL_ESCAPE ($str, $secureString=true, $strip=true) {
                        // The obsolete function
                        $ret = mysql_escape_string($str, SQL_GET_LINK());
                } else {
-                       // If nothing else works, fall back to addslashes() again
-                       $ret = addslashes($str);
+                       // If nothing else works, fall back to escapeQuotes() again
+                       $ret = escapeQuotes($str);
                }
 
                // Cache result