fixed #1802 fixed double escape for user creation, album creation and comments

include/functions_comment.inc.php

@@ -214,10 +214,10 @@ SELECT count(1) FROM '.COMMENTS_TABLE.'
 INSERT INTO '.COMMENTS_TABLE.'
   (author, author_id, anonymous_id, content, date, validated, validation_date, image_id, website_url, email)
   VALUES (
-    \''.pwg_db_real_escape_string($comm['author']).'\',
+    \''.$comm['author'].'\',
     '.$comm['author_id'].',
     \''.$comm['ip'].'\',
-    \''.pwg_db_real_escape_string($comm['content']).'\',
+    \''.$comm['content'].'\',
     NOW(),
     \''.($comment_action=='validate' ? 'true':'false').'\',
     '.($comment_action=='validate' ? 'NOW()':'NULL').',

include/functions_user.inc.php

@@ -173,7 +173,7 @@ function register_user($login, $password, $mail_address, $notify_admin=true, &$e
   if (empty($errors))
   {
     $insert = array(
-      $conf['user_fields']['username'] => pwg_db_real_escape_string($login),
+      $conf['user_fields']['username'] => $login,
       $conf['user_fields']['password'] => $conf['password_hash']($password),
       $conf['user_fields']['email'] => $mail_address
       );

include/ws_functions/pwg.categories.php

@@ -648,7 +648,7 @@ function ws_categories_add($params, &$service)
     $options['comment'] = strip_tags($params['comment']);
   }
   
-  $params['name'] = pwg_db_real_escape_string($params['name']);
+  $params['name'] = $params['name'];
   $creation_output = create_virtual_category(
     strip_tags($params['name']), // TODO do not strip tags if pwg_token is provided (and valid)
     $params['parent'],