From ec0581f8965bc01e10357741c8360a882c57c13f Mon Sep 17 00:00:00 2001
From: arzynik <github@arzynik.com>
Date: Sat, 26 Apr 2014 16:02:17 -0700
Subject: [PATCH] fixed excape

---
 include/library/Crunchbutton/Admin/Auth.php | 19 ++++++++-----------
 1 file changed, 8 insertions(+), 11 deletions(-)

diff --git a/include/library/Crunchbutton/Admin/Auth.php b/include/library/Crunchbutton/Admin/Auth.php
index 2124b5af8..c8fa66df5 100644
--- a/include/library/Crunchbutton/Admin/Auth.php
+++ b/include/library/Crunchbutton/Admin/Auth.php
@@ -8,17 +8,14 @@ class Crunchbutton_Admin_Auth extends Cana_Model {
 
 	public static function localLogin($email, $password) {
 		$password = self::passwordEncrypt($password);
-		$query = sprintf('
-			SELECT * 
-			FROM admin
-			WHERE
-				login="%s"
-				AND pass="%s"
-				AND active=1
-				LIMIT 1',
-			@mysql_real_escape_string($email),
-			@mysql_real_escape_string($password)
-		);
+		$query = '
+                        SELECT *
+                        FROM admin
+                        WHERE
+                             	login="'.c::db()->escape($email).'"
+                                AND pass="'.c::db()->escape($password).'"
+                                AND active=1
+                                LIMIT 1';
 
 		return Admin::q($query)->get(0);