From f384cea18df66a065142ea16376ceba6fe414d31 Mon Sep 17 00:00:00 2001
From: cosme12 <aaadiego502@gmail.com>
Date: Mon, 31 Aug 2015 11:39:38 -0300
Subject: [PATCH] SQL Injection fixed

---
 GameEngine/Account.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/GameEngine/Account.php b/GameEngine/Account.php
index 59faf646..951f0783 100644
--- a/GameEngine/Account.php
+++ b/GameEngine/Account.php
@@ -178,6 +178,7 @@ class Account {
 
 	private function Login() {
 		global $database,$session,$form;
+		$_POST['user'] = mysql_real_escape_string($_POST['user']);
 		if(!isset($_POST['user']) || $_POST['user'] == "") {
 			$form->addError("user",LOGIN_USR_EMPTY);
 		}