projects / fa-stable.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Single quotes encoded before database data insert.
[fa-stable.git] / includes / db / connect_db.inc
diff --git a/includes/db/connect_db.inc b/includes/db/connect_db.inc
index fd6870e947ed121d58ec558a13a00561b523c3f5..f91d70235fe0bb53eec1dae5182b13030f770dc2 100644 (file)
--- a/includes/db/connect_db.inc
+++ b/includes/db/connect_db.inc
@@ -100,7 +100,7 @@ function db_num_fields ($result)
 
 function db_escape($value = "", $nullify = false)
 {
-       $value = @htmlspecialchars($value, ENT_COMPAT, $_SESSION['language']->encoding);
+       $value = @htmlspecialchars($value, ENT_QUOTES, $_SESSION['language']->encoding);
 
        //reset default if second parameter is skipped
        $nullify = ($nullify === null) ? (false) : ($nullify);
FrontAccounting stable branch