@ -29,7 +29,7 @@
showfooter();
showfooter();
exit;
exit;
}
}
if(trim(mysql_escape_string(stripslashes($_REQUEST['newemail']))) == "")
if(trim(mysql_real_ escape_string(stripslashes($_REQUEST['newemail']))) == "")
{
{
showheader(_("My CAcert.org Account!"));
showheader(_("My CAcert.org Account!"));
printf(_("Not a valid email address. Can't continue."), $_REQUEST['email']);
printf(_("Not a valid email address. Can't continue."), $_REQUEST['email']);
@ -37,7 +37,7 @@
exit;
exit;
}
}
unset($oldid);
unset($oldid);
$_REQUEST['email'] = trim(mysql_escape_string(stripslashes($_REQUEST['newemail'])));
$_REQUEST['email'] = trim(mysql_real_ escape_string(stripslashes($_REQUEST['newemail'])));
$query = "select * from `email` where `email`='".$_REQUEST['email']."' and `deleted`=0";
$query = "select * from `email` where `email`='".$_REQUEST['email']."' and `deleted`=0";
$res = mysql_query($query);
$res = mysql_query($query);
if(mysql_num_rows($res) > 0)
if(mysql_num_rows($res) > 0)
@ -295,14 +295,14 @@
$query = "insert into `emailcerts` set `CN`='$defaultemail', `keytype`='MS',
$query = "insert into `emailcerts` set `CN`='$defaultemail', `keytype`='MS',
`memid`='".$_SESSION['profile']['id']."',
`memid`='".$_SESSION['profile']['id']."',
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
`subject`='$csrsubject',
`subject`='".mysql_real_escape_string( $csrsubject)." ',
`codesign`='".$_SESSION['_config']['codesign']."',
`codesign`='".$_SESSION['_config']['codesign']."',
`rootcert`='".$_SESSION['_config']['rootcert']."'";
`rootcert`='".$_SESSION['_config']['rootcert']."'";
mysql_query($query);
mysql_query($query);
$emailid = mysql_insert_id();
$emailid = mysql_insert_id();
if(is_array($addys))
if(is_array($addys))
foreach($addys as $addy)
foreach($addys as $addy)
mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string( $addy)." '");
$CSRname = $_SESSION['_config']['filepath']."/csr/client-$emailid.csr";
$CSRname = $_SESSION['_config']['filepath']."/csr/client-$emailid.csr";
$fp = fopen($CSRname, "w");
$fp = fopen($CSRname, "w");
fputs($fp, $csr);
fputs($fp, $csr);
@ -336,7 +336,7 @@
}
}
$newdom = trim(escapeshellarg($newdomain));
$newdom = trim(escapeshellarg($newdomain));
$newdomain = mysql_escape_string(trim($newdomain));
$newdomain = mysql_real_ escape_string(trim($newdomain));
$res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
$res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
$query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
$query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
@ -367,7 +367,7 @@
$bits = explode(":", $line, 2);
$bits = explode(":", $line, 2);
$line = trim($bits[1]);
$line = trim($bits[1]);
if(!in_array($line, $addy) & & $line != "")
if(!in_array($line, $addy) & & $line != "")
$addy[] = trim(mysql_escape_string(stripslashes($line)));
$addy[] = trim(mysql_real_ escape_string(stripslashes($line)));
}
}
} else {
} else {
if(is_array($adds))
if(is_array($adds))
@ -384,7 +384,7 @@
$line = $bit;
$line = $bit;
}
}
if(!in_array($line, $addy) & & $line != "")
if(!in_array($line, $addy) & & $line != "")
$addy[] = trim(mysql_escape_string(stripslashes($line)));
$addy[] = trim(mysql_real_ escape_string(stripslashes($line)));
}
}
}
}
@ -393,7 +393,7 @@
if(!in_array($sub, $addy))
if(!in_array($sub, $addy))
$addy[] = $sub;
$addy[] = $sub;
$_SESSION['_config']['addy'] = $addy;
$_SESSION['_config']['addy'] = $addy;
$_SESSION['_config']['domain'] = mysql_escape_string($newdomain);
$_SESSION['_config']['domain'] = mysql_real_ escape_string($newdomain);
}
}
if($_REQUEST['process'] != "" & & $oldid == 8)
if($_REQUEST['process'] != "" & & $oldid == 8)
@ -401,7 +401,7 @@
unset($oldid);
unset($oldid);
$id = 8;
$id = 8;
$authaddy = trim(mysql_escape_string(stripslashes($_POST['authaddy'])));
$authaddy = trim(mysql_real_ escape_string(stripslashes($_POST['authaddy'])));
if($authaddy == "" || !is_array($_SESSION['_config']['addy']))
if($authaddy == "" || !is_array($_SESSION['_config']['addy']))
{
{
@ -419,7 +419,7 @@
exit;
exit;
}
}
$query = "select * from `domains` where `domain`='".$_SESSION['_config']['domain']."' and `deleted`=0";
$query = "select * from `domains` where `domain`='".mysql_real_escape_string( $_SESSION['_config']['domain']) ."' and `deleted`=0";
$res = mysql_query($query);
$res = mysql_query($query);
if(mysql_num_rows($res) > 0)
if(mysql_num_rows($res) > 0)
{
{
@ -442,7 +442,7 @@
$hash = md5(fgets($rnd, 64));
$hash = md5(fgets($rnd, 64));
fclose($rnd);
fclose($rnd);
$query = "insert into `domains` set `domain`='".$_SESSION['_config']['domain']."',
$query = "insert into `domains` set `domain`='".mysql_real_escape_string( $_SESSION['_config']['domain']) ."',
`memid`='".$_SESSION['profile']['id']."',`created`=NOW(),`hash`='$hash'";
`memid`='".$_SESSION['profile']['id']."',`created`=NOW(),`hash`='$hash'";
mysql_query($query);
mysql_query($query);
$domainid = mysql_insert_id();
$domainid = mysql_insert_id();
@ -563,15 +563,15 @@
if($_SESSION['_config']['rowid']['0'] > 0)
if($_SESSION['_config']['rowid']['0'] > 0)
{
{
$query = "insert into `domaincerts` set `CN`='".$_SESSION['_config']['rows']['0']."',
$query = "insert into `domaincerts` set `CN`='".mysql_real_escape_string( $_SESSION['_config']['rows']['0']) ."',
`domid`='".$_SESSION['_config']['rowid']['0']."',
`domid`='".mysql_real_escape_string( $_SESSION['_config']['rowid']['0']) ."',
`created`=NOW(),`subject`='$subject',
`created`=NOW(),`subject`='".mysql_real_escape_string( $subject)." ',
`rootcert`='".$_SESSION['_config']['rootcert']."'";
`rootcert`='".mysql_real_escape_string( $_SESSION['_config']['rootcert']) ."'";
} else {
} else {
$query = "insert into `domaincerts` set `CN`='".$_SESSION['_config']['altrows']['0']."',
$query = "insert into `domaincerts` set `CN`='".mysql_real_escape_string( $_SESSION['_config']['altrows']['0']) ."',
`domid`='".$_SESSION['_config']['altid']['0']."',
`domid`='".mysql_real_escape_string( $_SESSION['_config']['altid']['0']) ."',
`created`=NOW(),`subject`='$subject',
`created`=NOW(),`subject`='".mysql_real_escape_string( $subject)." ',
`rootcert`='".$_SESSION['_config']['rootcert']."'";
`rootcert`='".mysql_real_escape_string( $_SESSION['_config']['rootcert']) ."'";
}
}
mysql_query($query);
mysql_query($query);
$CSRid = mysql_insert_id();
$CSRid = mysql_insert_id();
@ -630,7 +630,7 @@
}
}
mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
$row = mysql_fetch_assoc($res);
$row = mysql_fetch_assoc($res);
$query = "insert into `domaincerts` set `domid`='".$row['domid']."', `CN`='".$row['CN']."',
$query = "insert into `domaincerts` set `domid`='".$row['domid']."', `CN`='".mysql_real_escape_string( $row['CN']) ."',
`csr_name`='".$row['csr_name']."', `created`='".$row['created']."',
`csr_name`='".$row['csr_name']."', `created`='".$row['created']."',
`modified`=NOW(), `rootcert`='".$row['rootcert']."'";
`modified`=NOW(), `rootcert`='".$row['rootcert']."'";
mysql_query($query);
mysql_query($query);
@ -679,7 +679,7 @@
if(!strstr($subject, "=$row/") & &
if(!strstr($subject, "=$row/") & &
substr($subject, -strlen("=$row")) != "=$row")
substr($subject, -strlen("=$row")) != "=$row")
$subject .= "/subjectAltName=$row";
$subject .= "/subjectAltName=$row";
$subject = mysql_real_escape_string($subject);
mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");
mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");
echo _("Renewing").": ".$_SESSION['_config']['0.CN']."< br > \n";
echo _("Renewing").": ".$_SESSION['_config']['0.CN']."< br > \n";
@ -783,7 +783,7 @@
}
}
mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
$row = mysql_fetch_assoc($res);
$row = mysql_fetch_assoc($res);
$query = "insert into `emailcerts` set `memid`='".$row['memid']."', `CN`='".$row['CN']."',
$query = "insert into `emailcerts` set `memid`='".$row['memid']."', `CN`='".mysql_real_escape_string( $row['CN']) ."',
`keytype`='".$row['keytype']."', `csr_name`='".$row['csr_name']."',
`keytype`='".$row['keytype']."', `csr_name`='".$row['csr_name']."',
`created`='".$row['created']."', `modified`=NOW(),
`created`='".$row['created']."', `modified`=NOW(),
`rootcert`='".$row['rootcert']."'";
`rootcert`='".$row['rootcert']."'";
@ -883,23 +883,23 @@
if($oldid == 13 & & $_REQUEST['process'] != "")
if($oldid == 13 & & $_REQUEST['process'] != "")
{
{
$_SESSION['_config']['user']['fname'] = trim(mysql_escape_string(stripslashes($fname)));
$_SESSION['_config']['user']['fname'] = trim(mysql_real_ escape_string(stripslashes($fname)));
$_SESSION['_config']['user']['mname'] = trim(mysql_escape_string(stripslashes($mname)));
$_SESSION['_config']['user']['mname'] = trim(mysql_real_ escape_string(stripslashes($mname)));
$_SESSION['_config']['user']['lname'] = trim(mysql_escape_string(stripslashes($lname)));
$_SESSION['_config']['user']['lname'] = trim(mysql_real_ escape_string(stripslashes($lname)));
$_SESSION['_config']['user']['suffix'] = trim(mysql_escape_string(stripslashes($suffix)));
$_SESSION['_config']['user']['suffix'] = trim(mysql_real_ escape_string(stripslashes($suffix)));
$_SESSION['_config']['user']['day'] = intval($day);
$_SESSION['_config']['user']['day'] = intval($day);
$_SESSION['_config']['user']['month'] = intval($month);
$_SESSION['_config']['user']['month'] = intval($month);
$_SESSION['_config']['user']['year'] = intval($year);
$_SESSION['_config']['user']['year'] = intval($year);
$_SESSION['_config']['user']['Q1'] = trim(mysql_escape_string(stripslashes($Q1)));
$_SESSION['_config']['user']['Q1'] = trim(mysql_real_ escape_string(stripslashes($Q1)));
$_SESSION['_config']['user']['Q2'] = trim(mysql_escape_string(stripslashes($Q2)));
$_SESSION['_config']['user']['Q2'] = trim(mysql_real_ escape_string(stripslashes($Q2)));
$_SESSION['_config']['user']['Q3'] = trim(mysql_escape_string(stripslashes($Q3)));
$_SESSION['_config']['user']['Q3'] = trim(mysql_real_ escape_string(stripslashes($Q3)));
$_SESSION['_config']['user']['Q4'] = trim(mysql_escape_string(stripslashes($Q4)));
$_SESSION['_config']['user']['Q4'] = trim(mysql_real_ escape_string(stripslashes($Q4)));
$_SESSION['_config']['user']['Q5'] = trim(mysql_escape_string(stripslashes($Q5)));
$_SESSION['_config']['user']['Q5'] = trim(mysql_real_ escape_string(stripslashes($Q5)));
$_SESSION['_config']['user']['A1'] = trim(mysql_escape_string(stripslashes($A1)));
$_SESSION['_config']['user']['A1'] = trim(mysql_real_ escape_string(stripslashes($A1)));
$_SESSION['_config']['user']['A2'] = trim(mysql_escape_string(stripslashes($A2)));
$_SESSION['_config']['user']['A2'] = trim(mysql_real_ escape_string(stripslashes($A2)));
$_SESSION['_config']['user']['A3'] = trim(mysql_escape_string(stripslashes($A3)));
$_SESSION['_config']['user']['A3'] = trim(mysql_real_ escape_string(stripslashes($A3)));
$_SESSION['_config']['user']['A4'] = trim(mysql_escape_string(stripslashes($A4)));
$_SESSION['_config']['user']['A4'] = trim(mysql_real_ escape_string(stripslashes($A4)));
$_SESSION['_config']['user']['A5'] = trim(mysql_escape_string(stripslashes($A5)));
$_SESSION['_config']['user']['A5'] = trim(mysql_real_ escape_string(stripslashes($A5)));
if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
$_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
$_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
@ -973,9 +973,9 @@
if($oldid == 14 & & $_REQUEST['process'] != "")
if($oldid == 14 & & $_REQUEST['process'] != "")
{
{
$_SESSION['_config']['user']['oldpass'] = trim(mysql_escape_string(stripslashes($oldpassword)));
$_SESSION['_config']['user']['oldpass'] = trim(mysql_real_ escape_string(stripslashes($oldpassword)));
$_SESSION['_config']['user']['pword1'] = trim(mysql_escape_string(stripslashes($pword1)));
$_SESSION['_config']['user']['pword1'] = trim(mysql_real_ escape_string(stripslashes($pword1)));
$_SESSION['_config']['user']['pword2'] = trim(mysql_escape_string(stripslashes($pword2)));
$_SESSION['_config']['user']['pword2'] = trim(mysql_real_ escape_string(stripslashes($pword2)));
$id = 14;
$id = 14;
showheader(_("My CAcert.org Account!"));
showheader(_("My CAcert.org Account!"));
@ -1013,7 +1013,7 @@
foreach($_POST['emails'] as $val)
foreach($_POST['emails'] as $val)
{
{
$val = mysql_escape_string(stripslashes(trim($val)));
$val = mysql_real_ escape_string(stripslashes(trim($val)));
$bits = explode("@", $val);
$bits = explode("@", $val);
$count = count($bits);
$count = count($bits);
if($count != 2)
if($count != 2)
@ -1030,7 +1030,7 @@
if($val != "")
if($val != "")
$_SESSION['_config']['emails'][] = $val;
$_SESSION['_config']['emails'][] = $val;
}
}
$_SESSION['_config']['name'] = mysql_escape_string(stripslashes(trim($name)));
$_SESSION['_config']['name'] = mysql_real_ escape_string(stripslashes(trim($name)));
}
}
if($oldid == 16 & & (intval(count($_SESSION['_config']['emails'])) + 0) < = 0)
if($oldid == 16 & & (intval(count($_SESSION['_config']['emails'])) + 0) < = 0)
@ -1575,12 +1575,12 @@
if($oldid == 24 & & $_REQUEST['process'] != "")
if($oldid == 24 & & $_REQUEST['process'] != "")
{
{
$id = intval($oldid);
$id = intval($oldid);
$_SESSION['_config']['O'] = trim(mysql_escape_string(stripslashes($O)));
$_SESSION['_config']['O'] = trim(mysql_real_ escape_string(stripslashes($O)));
$_SESSION['_config']['contact'] = trim(mysql_escape_string(stripslashes($contact)));
$_SESSION['_config']['contact'] = trim(mysql_real_ escape_string(stripslashes($contact)));
$_SESSION['_config']['L'] = trim(mysql_escape_string(stripslashes($L)));
$_SESSION['_config']['L'] = trim(mysql_real_ escape_string(stripslashes($L)));
$_SESSION['_config']['ST'] = trim(mysql_escape_string(stripslashes($ST)));
$_SESSION['_config']['ST'] = trim(mysql_real_ escape_string(stripslashes($ST)));
$_SESSION['_config']['C'] = trim(mysql_escape_string(stripslashes($C)));
$_SESSION['_config']['C'] = trim(mysql_real_ escape_string(stripslashes($C)));
$_SESSION['_config']['comments'] = trim(mysql_escape_string(stripslashes($comments)));
$_SESSION['_config']['comments'] = trim(mysql_real_ escape_string(stripslashes($comments)));
if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
{
{
@ -1602,12 +1602,12 @@
if($oldid == 27 & & $_REQUEST['process'] != "")
if($oldid == 27 & & $_REQUEST['process'] != "")
{
{
$id = intval($oldid);
$id = intval($oldid);
$_SESSION['_config']['O'] = trim(mysql_escape_string(stripslashes($O)));
$_SESSION['_config']['O'] = trim(mysql_real_ escape_string(stripslashes($O)));
$_SESSION['_config']['contact'] = trim(mysql_escape_string(stripslashes($contact)));
$_SESSION['_config']['contact'] = trim(mysql_real_ escape_string(stripslashes($contact)));
$_SESSION['_config']['L'] = trim(mysql_escape_string(stripslashes($L)));
$_SESSION['_config']['L'] = trim(mysql_real_ escape_string(stripslashes($L)));
$_SESSION['_config']['ST'] = trim(mysql_escape_string(stripslashes($ST)));
$_SESSION['_config']['ST'] = trim(mysql_real_ escape_string(stripslashes($ST)));
$_SESSION['_config']['C'] = trim(mysql_escape_string(stripslashes($C)));
$_SESSION['_config']['C'] = trim(mysql_real_ escape_string(stripslashes($C)));
$_SESSION['_config']['comments'] = trim(mysql_escape_string(stripslashes($comments)));
$_SESSION['_config']['comments'] = trim(mysql_real_ escape_string(stripslashes($comments)));
if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
{
{
@ -1629,7 +1629,7 @@
if($oldid == 28 & & $_REQUEST['process'] != "")
if($oldid == 28 & & $_REQUEST['process'] != "")
{
{
$domain = $_SESSION['_config']['domain'] = trim(mysql_escape_string(stripslashes($domainname)));
$domain = $_SESSION['_config']['domain'] = trim(mysql_real_ escape_string(stripslashes($domainname)));
$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
if(mysql_num_rows($res1) > 0)
if(mysql_num_rows($res1) > 0)
{
{
@ -1657,7 +1657,7 @@
if($oldid == 29 & & $_REQUEST['process'] != "")
if($oldid == 29 & & $_REQUEST['process'] != "")
{
{
$domain = mysql_escape_string(stripslashes(trim($domainname)));
$domain = mysql_real_ escape_string(stripslashes(trim($domainname)));
$res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".$_SESSION['_config']['domid']."'");
$res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".$_SESSION['_config']['domid']."'");
$res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
$res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
@ -1806,9 +1806,9 @@
$masteracc = $_SESSION['_config'][masteracc] = intval($masteracc);
$masteracc = $_SESSION['_config'][masteracc] = intval($masteracc);
else
else
$masteracc = $_SESSION['_config'][masteracc] = 0;
$masteracc = $_SESSION['_config'][masteracc] = 0;
$_REQUEST['email'] = $_SESSION['_config']['email'] = mysql_escape_string(stripslashes(trim($_REQUEST['email'])));
$_REQUEST['email'] = $_SESSION['_config']['email'] = mysql_real_ escape_string(stripslashes(trim($_REQUEST['email'])));
$OU = $_SESSION['_config']['OU'] = mysql_escape_string(stripslashes(trim($OU)));
$OU = $_SESSION['_config']['OU'] = mysql_real_ escape_string(stripslashes(trim($OU)));
$comments = $_SESSION['_config']['comments'] = mysql_escape_string(stripslashes(trim($comments)));
$comments = $_SESSION['_config']['comments'] = mysql_real_ escape_string(stripslashes(trim($comments)));
$res = mysql_query("select * from `users` where `email`='".$_REQUEST['email']."'");
$res = mysql_query("select * from `users` where `email`='".$_REQUEST['email']."'");
if(mysql_num_rows($res) < = 0)
if(mysql_num_rows($res) < = 0)
{
{
@ -1867,7 +1867,7 @@
if($oldid == 41)
if($oldid == 41)
{
{
$lang = mysql_escape_string($_POST['lang']);
$lang = mysql_real_ escape_string($_POST['lang']);
foreach($_SESSION['_config']['translations'] as $key => $val)
foreach($_SESSION['_config']['translations'] as $key => $val)
{
{
if($key == $lang)
if($key == $lang)
@ -1914,9 +1914,9 @@
$regid = intval($_REQUEST['regid']);
$regid = intval($_REQUEST['regid']);
$newreg = intval($_REQUEST['newreg']);
$newreg = intval($_REQUEST['newreg']);
$locid = intval($_REQUEST['locid']);
$locid = intval($_REQUEST['locid']);
$name = mysql_escape_string($_REQUEST['name']);
$name = mysql_real_ escape_string($_REQUEST['name']);
$long = mysql_escape_string($_REQUEST['longitude']);
$long = mysql_real_ escape_string($_REQUEST['longitude']);
$lat = mysql_escape_string($_REQUEST['latitude']);
$lat = mysql_real_ escape_string($_REQUEST['latitude']);
if($locid > 0 & & $_REQUEST['action'] == "edit" & & $name == htmlentities($name))
if($locid > 0 & & $_REQUEST['action'] == "edit" & & $name == htmlentities($name))
{
{
@ -2032,7 +2032,7 @@
{
{
echo _("No such user found.");
echo _("No such user found.");
} else {
} else {
mysql_query("update `users` set `password`=sha1('".mysql_escape_string(stripslashes($_POST['newpass']))."') where `id`='".intval($_POST['userid'])."'");
mysql_query("update `users` set `password`=sha1('".mysql_real_ escape_string(stripslashes($_POST['newpass']))."') where `id`='".intval($_POST['userid'])."'");
$row = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_POST['userid']."'"));
$row = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_POST['userid']."'"));
printf(_("The password for %s has been updated successfully in the system."), $row['email']);
printf(_("The password for %s has been updated successfully in the system."), $row['email']);
}
}
@ -2252,7 +2252,7 @@
`tverify`='$uid',
`tverify`='$uid',
`memid`='".$_SESSION['profile']['id']."',
`memid`='".$_SESSION['profile']['id']."',
`when`=NOW(), `vote`='$vote',
`when`=NOW(), `vote`='$vote',
`comment`='".mysql_escape_string($_POST['comment'])."'";
`comment`='".mysql_real_ escape_string($_POST['comment'])."'";
mysql_query($query);
mysql_query($query);
$rc = mysql_num_rows(mysql_query("select * from `tverify-vote` where `tverify`='$uid' and `vote`='1'"));
$rc = mysql_num_rows(mysql_query("select * from `tverify-vote` where `tverify`='$uid' and `vote`='1'"));