From 5116d22ed84db0f15a7f583bcbe243ee2cd606e1 Mon Sep 17 00:00:00 2001
From: Arun Persaud <arun@nubati.net>
Date: Mon, 25 Feb 2013 22:04:21 -0800
Subject: mysql optimization: don't quote integers as strings in WHERE

---
 include/user.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'include/user.php')

diff --git a/include/user.php b/include/user.php
index 546ea8d..65544f5 100644
--- a/include/user.php
+++ b/include/user.php
@@ -160,7 +160,7 @@ else
 			   " G.session".
 			   " FROM Hand".
 			   " LEFT JOIN Game G ON G.id=Hand.game_id".
-			   " WHERE user_id='$myid'".
+			   " WHERE user_id=".DB_quote_smart($myid).
 			   " ORDER BY G.session,G.create_date" );
 
 	/* sort into active and passive sessions */
-- 
cgit v1.2.3-18-g5258