From 51f52b525bc3b10b8008d916353f3034a9081cee Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Wed, 17 Apr 2013 13:34:37 -0400
Subject: [PATCH] Add rcube_db::escape() method, fix escapeSimple() to use escape instead of quote()

---
 plugins/virtuser_query/virtuser_query.php |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/plugins/virtuser_query/virtuser_query.php b/plugins/virtuser_query/virtuser_query.php
index 6eb7ad6..a4c8326 100644
--- a/plugins/virtuser_query/virtuser_query.php
+++ b/plugins/virtuser_query/virtuser_query.php
@@ -55,7 +55,7 @@
     {
         $dbh = $this->app->get_dbh();
 
-        $sql_result = $dbh->query(preg_replace('/%u/', $dbh->quote($p['user']), $this->config['email']));
+        $sql_result = $dbh->query(preg_replace('/%u/', $dbh->escape($p['user']), $this->config['email']));
 
         while ($sql_arr = $dbh->fetch_array($sql_result)) {
             if (strpos($sql_arr[0], '@')) {
@@ -92,7 +92,7 @@
     {
         $dbh = $this->app->get_dbh();
 
-        $sql_result = $dbh->query(preg_replace('/%m/', $dbh->quote($p['email']), $this->config['user']));
+        $sql_result = $dbh->query(preg_replace('/%m/', $dbh->escape($p['email']), $this->config['user']));
 
         if ($sql_arr = $dbh->fetch_array($sql_result)) {
             $p['user'] = $sql_arr[0];
@@ -108,7 +108,7 @@
     {
         $dbh = $this->app->get_dbh();
 
-        $sql_result = $dbh->query(preg_replace('/%u/', $dbh->quote($p['user']), $this->config['host']));
+        $sql_result = $dbh->query(preg_replace('/%u/', $dbh->escape($p['user']), $this->config['host']));
 
         if ($sql_arr = $dbh->fetch_array($sql_result)) {
             $p['host'] = $sql_arr[0];

--
Gitblit v1.9.1