From 5b1a202965777043c8f2476441c53ce20f8978fd Mon Sep 17 00:00:00 2001
From: Karl 'vollmerk' Vollmer <vollmer@ampache.org>
Date: Tue, 31 Jan 2006 23:38:04 +0000
Subject: fixed null vs two single quotes on insert statement

---
 modules/vauth/session.lib.php | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/modules/vauth/session.lib.php b/modules/vauth/session.lib.php
index 13e2285e..8332817b 100644
--- a/modules/vauth/session.lib.php
+++ b/modules/vauth/session.lib.php
@@ -188,12 +188,15 @@ function vauth_session_create($data) {
 
 	$username 	= sql_escape($data['username']);
 	$type		= sql_escape($data['type']);
-	$value		= sql_escape($data['value']);
+	$value		= "'" . sql_escape($data['value']) . "'";
 	$expire		= sql_escape(vauth_conf('session_length'));
 
+	/* We can't have null things here people */
+	if (strlen($value) == 2) { $value = 'NULL'; } 
+
 	/* Insert the row */
 	$sql = "INSERT INTO session (`id`,`username`,`type`,`value`,`expire`) " . 
-		" VALUES ('$key','$username','$type','$value','$expire')";
+		" VALUES ('$key','$username','$type',$value,'$expire')";
 	$db_results = mysql_query($sql, vauth_dbh());
 
 	return $db_results;
-- 
cgit