a few tweaks

author: Karl 'vollmerk' Vollmer <vollmer@ampache.org> 2006-01-08 06:38:06 +0000
committer: Karl 'vollmerk' Vollmer <vollmer@ampache.org> 2006-01-08 06:38:06 +0000
commit: db10ee8e7883dc00c3e2f559532124f842f59e5d (patch)
tree: 45f82abd3c60ae598a9f829035d2424ffe0d5794 /lib/class/user.class.php
parent: 2bb59dfa45f008846305c62962616bd3fff3884d (diff)
download: ampache-db10ee8e7883dc00c3e2f559532124f842f59e5d.tar.gz
ampache-db10ee8e7883dc00c3e2f559532124f842f59e5d.tar.bz2
ampache-db10ee8e7883dc00c3e2f559532124f842f59e5d.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/class/user.class.php b/lib/class/user.class.php
index 5a7fc306..2df961e9 100644
--- a/lib/class/user.class.php
+++ b/lib/class/user.class.php
@@ -723,7 +723,7 @@ class User {
 		  admin
 		*/
 		if ($this->has_access(100)) { 
-			$sql = "SELECT * FROM user WHERE (level='admin' OR level='100') AND username!='" . $this->username . "'";
+			$sql = "SELECT username FROM user WHERE (access='admin' OR access='100') AND username !='" . sql_escape($this->username) . "'";
 			$db_results = mysql_query($sql, dbh());
 			if (!mysql_num_rows($db_results)) { 
 				return false;
author	Karl 'vollmerk' Vollmer <vollmer@ampache.org>	2006-01-08 06:38:06 +0000
committer	Karl 'vollmerk' Vollmer <vollmer@ampache.org>	2006-01-08 06:38:06 +0000
commit	db10ee8e7883dc00c3e2f559532124f842f59e5d (patch)
tree	45f82abd3c60ae598a9f829035d2424ffe0d5794 /lib/class/user.class.php
parent	2bb59dfa45f008846305c62962616bd3fff3884d (diff)
download	ampache-db10ee8e7883dc00c3e2f559532124f842f59e5d.tar.gz ampache-db10ee8e7883dc00c3e2f559532124f842f59e5d.tar.bz2 ampache-db10ee8e7883dc00c3e2f559532124f842f59e5d.zip