[php7] fix an incorrect conversion to mysqli_real_escape_string()

stuarta · stuarta · commit 02a3d12ddb36 · 2017-10-09T13:33:04.000+01:00
diff --git a/classes/Database/mysql.php b/classes/Database/mysql.php
@@ -73,7 +73,7 @@ function escape($string) {
         if (is_null($string))
             return 'NULL';
     // Just a string
-        return str_replace('?', '\\?', "'".mysqli_real_escape_string($string, $this->dbh)."'");
+        return str_replace('?', '\\?', "'".mysqli_real_escape_string($this->dbh, $string)."'");
     }
 
 /**

Original file line number	Diff line number	Diff line change
`@@ -73,7 +73,7 @@ function escape($string) {`
`73`	`73`	`if (is_null($string))`
`74`	`74`	`return 'NULL';`
`75`	`75`	`// Just a string`
`76`		`- return str_replace('?', '\\?', "'".mysqli_real_escape_string($string, $this->dbh)."'");`
	`76`	`+ return str_replace('?', '\\?', "'".mysqli_real_escape_string($this->dbh, $string)."'");`
`77`	`77`	`}`
`78`	`78`
`79`	`79`	`/**`