projects / platal.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Restore safe behaviour of getLogin.
[platal.git] / classes / user.php
diff --git a/classes/user.php b/classes/user.php
index 7723c3f..a7467b2 100644 (file)
--- a/classes/user.php
+++ b/classes/user.php
@@ -85,8 +85,8 @@ class User extends PlUser
         // Checks whether $login is a valid hruid or not.
         $res = XDB::query('SELECT  uid
                              FROM  accounts
-                            WHERE  hruid' . XDB::formatWildcards(XDB::WILDCARD_CONTAINS, $login));
-        if ($res->numRows() == 1) {
+                             WHERE  hruid = {?}', $login);
+        if ($res->numRows()) {
             return $res->fetchOneCell();
         }
 
plat/al