return mysql_num_fields($result);
}
-function db_escape ($result)
+function db_escape($value = "", $nullify = false)
{
- return mysql_escape_string($result);
-}
-
-function db_quote($value = "", $nullify = false)
-{
- $value = htmlspecialchars($value, ENT_COMPAT, $_SESSION['language']->encoding);
+ $value = @htmlspecialchars($value, ENT_COMPAT, $_SESSION['language']->encoding);
//reset default if second parameter is skipped
$nullify = ($nullify === null) ? (false) : ($nullify);
- //undo slashes for poorly configured servers
- $value = (get_magic_quotes_gpc()) ? (stripslashes($value)) : ($value);
//check for null/unset/empty strings
if ((!isset($value)) || (is_null($value)) || ($value === "")) {