Unnessarry addslashes() and SQL_ESCAPE() removed, some added, some bigintval() added

[mailer.git] / inc / modules / guest / what-register.php

diff --git a/inc/modules/guest/what-register.php b/inc/modules/guest/what-register.php
index cec98b6c1d7aaadb2468aa64a3803c02afaf593c..e4fa749c486ce10080e71e514302bd096bbf501b 100644 (file)
--- a/inc/modules/guest/what-register.php
+++ b/inc/modules/guest/what-register.php
@@ -221,7 +221,7 @@ if ((isset($_POST['ok'])) && (!$FAILED))
        } else {
                // Old way with enterable two-char-code
                $countryRow = "country";
-               $countryData = addslashes(substr($_POST['cntry'], 0, 2));
+               $countryData = substr($_POST['cntry'], 0, 2);
        }
 
        //////////////////////////////
@@ -232,14 +232,14 @@ if ((isset($_POST['ok'])) && (!$FAILED))
 VALUES ('%s','%s','%s','%s','%s',%s,'%s','%s',%s, %s,%s,'%s',%s, %s,'%s','UNCONFIRMED','%s','%s', UNIX_TIMESTAMP(), UNIX_TIMESTAMP()".$ADD2.")",
        array(
                $countryRow,
-               SQL_ESCAPE(substr($_POST['gender'], 0, 1)),
-               SQL_ESCAPE($_POST['surname']),
-               SQL_ESCAPE($_POST['family_name']),
-               SQL_ESCAPE($_POST['street_nr']),
+               substr($_POST['gender'], 0, 1),
+               $_POST['surname'],
+               $_POST['family_name'],
+               $_POST['street_nr'],
                $countryData,
                bigintval($_POST['zip']),
-               SQL_ESCAPE($_POST['city']),
-               SQL_ESCAPE($_POST['addy']),
+               $_POST['city'],
+               $_POST['addy'],
                bigintval($_POST['day']),
                bigintval($_POST['month']),
                bigintval($_POST['year']),