Now MySQL_real_escaping mail text...

diff --git a/wwwroot/inc/eventz/send.inc b/wwwroot/inc/eventz/send.inc
index bf217beb41aed63e4f559e6264ec64d7ff8abb99..6ea91aa28f7672b0ecdbdfe62a697725bd51c2cc 100644 (file)
--- a/wwwroot/inc/eventz/send.inc
+++ b/wwwroot/inc/eventz/send.inc
@@ -70,7 +70,7 @@ return false;
 
                 if ($mail_to_id) {
 
-                        $mail_text=nodes::processContent($mail_text);
+                        $mail_text=mysql_real_escape_string(nodes::processContent($mail_text));
 global $htmlparse;
 if ($htmlparse) {
 $error=$htmlparse;