From ece83a4cfc0a64aa8086c0629008f5368e8d0a6c Mon Sep 17 00:00:00 2001
From: Evgeny Gryaznov
Date: Sat, 4 Apr 2009 21:35:58 +0000
Subject: [PATCH] get rid of: quote_smart, ${print:
git-svn-id: https://webim.svn.sourceforge.net/svnroot/webim/trunk@451 c66351dc-e62f-0410-b875-e3a5c0b9693f
---
 src/messenger/webim/libs/expand.php | 2 --
 src/messenger/webim/operator/ban.php | 8 ++++----
 2 files changed, 4 insertions(+), 6 deletions(-)
diff --git a/src/messenger/webim/libs/expand.php b/src/messenger/webim/libs/expand.php
index 5e596403..4d44949b 100644
--- a/src/messenger/webim/libs/expand.php
+++ b/src/messenger/webim/libs/expand.php
@@ -71,8 +71,6 @@ function expand_var($matches) {
 return form_value($var);
 } else if($prefix == 'page:') {
 return $page[$var];
- } else if($prefix == 'print:') {
- return htmlspecialchars($page[$var]);
 } else if($prefix == 'if:' || $prefix == 'else:' || $prefix == 'endif:' || $prefix == 'ifnot:') {
 return "";
 }
diff --git a/src/messenger/webim/operator/ban.php b/src/messenger/webim/operator/ban.php
index b1ee86a0..de3dc48d 100644
--- a/src/messenger/webim/operator/ban.php
+++ b/src/messenger/webim/operator/ban.php
@@ -59,15 +59,15 @@ if( isset($_POST['address']) ) {
 $query = sprintf(
 "insert into chatban (dtmcreated,dtmtill,address,comment) values (CURRENT_TIMESTAMP,%s,'%s','%s')",
 "FROM_UNIXTIME($utime)",
- quote_smart($address,$link),
- quote_smart($comment,$link));
+ mysql_real_escape_string($address,$link),
+ mysql_real_escape_string($comment,$link));
 perform_query($query,$link);
 } else {
 $query = sprintf(
 "update chatban set dtmtill = %s,address = '%s',comment = '%s' where banid = $banId",
 "FROM_UNIXTIME($utime)",
- quote_smart($address,$link),
- quote_smart($comment,$link));
+ mysql_real_escape_string($address,$link),
+ mysql_real_escape_string($comment,$link));
 perform_query($query,$link);
 }
 mysql_close($link);
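Review bot: `$banId` and `$utime` are still interpolated directly into the SQL text of both `sprintf` calls in ban.php, so the escaping added here covers only the two quoted string fields; `mysql_real_escape_string` gives no protection to a value placed in an unquoted numeric position. Where those two variables are assigned is outside the hunk, so unless both are already cast to integers there, I would route them through the format string instead: `dtmtill = FROM_UNIXTIME(%d)` and `where banid = %d`, with `$utime` and `$banId` passed as arguments. It is also worth confirming that the removed `quote_smart` did not strip magic-quotes slashes before escaping, because if it did, calling `mysql_real_escape_string` directly would store doubled backslashes on hosts with `magic_quotes_gpc` enabled. The enclosing `if( isset($_POST['address']) )` block starts and ends outside the hunk.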