From 2a26c898cafb3523b2e6c8b8b499402befc0c442 Mon Sep 17 00:00:00 2001
From: redmatrix <redmatrix@redmatrix.me>
Date: Wed, 2 Sep 2015 15:52:54 -0700
Subject: protect from sql injection

---
 include/zot.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'include')

diff --git a/include/zot.php b/include/zot.php
index 55870c2b9..0376dc7f5 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -1663,7 +1663,7 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $
 
 		$ab = q("select * from abook where abook_channel = %d and abook_xchan = '%s'",
 			intval($channel['channel_id']),
-			$arr['owner_xchan']
+			dbesc($arr['owner_xchan'])
 		);
 		$abook = (($ab) ? $ab[0] : null); 
 
-- 
cgit v1.2.3


From d9a67d64b1275257e51c0754d2f76ce7883affcc Mon Sep 17 00:00:00 2001
From: redmatrix <redmatrix@redmatrix.me>
Date: Wed, 2 Sep 2015 18:04:22 -0700
Subject: Update the credits

---
 include/text.php | 4 ----
 1 file changed, 4 deletions(-)

(limited to 'include')

diff --git a/include/text.php b/include/text.php
index 02a038ef4..f4122845e 100644
--- a/include/text.php
+++ b/include/text.php
@@ -72,10 +72,6 @@ function notags($string) {
 //	return(str_replace(array("<",">","\xBA","\xBC","\xBE"), array('[',']','','',''), $string));
 }
 
-// use this on "body" or "content" input where angle chars shouldn't be removed,
-// and allow them to be safely displayed.
-
-
 
 /**
  * use this on "body" or "content" input where angle chars shouldn't be removed,
-- 
cgit v1.2.3