X-Git-Url: https://git.harvie.cz/?a=blobdiff_plain;f=wwwroot%2Finc%2Feventz%2Fsend.inc;h=6ea91aa28f7672b0ecdbdfe62a697725bd51c2cc;hb=12c388b0b02de8bccec72660602d8b4476161324;hp=eef20af1a86b1da0b406476ffda24d3dbc9b768a;hpb=096a21e4f2627c38a9f5ab74b913025822821b81;p=mirrors%2FKyberia-bloodline.git

diff --git a/wwwroot/inc/eventz/send.inc b/wwwroot/inc/eventz/send.inc
index eef20af..6ea91aa 100644
--- a/wwwroot/inc/eventz/send.inc
+++ b/wwwroot/inc/eventz/send.inc
@@ -70,7 +70,7 @@ return false;
 
                 if ($mail_to_id) {
 
-                        $mail_text=nodes::processContent($mail_text);
+                        $mail_text=mysql_real_escape_string(nodes::processContent($mail_text));
 global $htmlparse;
 if ($htmlparse) {
 $error=$htmlparse;
@@ -85,9 +85,10 @@ mail_from='$user_id',mail_text='$mail_text',mail_to='$mail_to_id_send',mail_time
                        $q="insert into mail set mail_duplicate_id='$duplicate_id',
 mail_read='no',mail_user='$mail_to_id_send',mail_from='$user_id',mail_text='$mail_text',
 mail_to='$mail_to_id_send',mail_timestamp=NOW()";
-                        $result=$db->query($q);
-                        $db->query("update users set user_mail=user_mail+1,
-user_mail_name='$user_name', user_mail_id = '".mysql_real_escape_string($_SESSION['user_id'])."' where user_id='$mail_to_id_send'");
+			$result=$db->query($q);
+			$db->query("update users set user_mail=user_mail+1,".
+			//"user_mail_name='$user_name',". //Not in DB yet!
+			"user_mail_id='".mysql_real_escape_string($_SESSION['user_id'])."' where user_id='$mail_to_id_send'");
                 }
             return true;