From c4a3f76cb3fccf1c836e3017a18cbdcee9fedf0f Mon Sep 17 00:00:00 2001
From: Arthur Portugal <yukiportu@msn.com>
Date: Wed, 12 Aug 2009 10:59:14 -0500
Subject: [PATCH] Fix extra escape string into add function - see DT#5096  (by
 cfasanando)

---
 main/inc/lib/legal.lib.php | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/main/inc/lib/legal.lib.php b/main/inc/lib/legal.lib.php
index 1ff9a3e736..ff07dd966c 100644
--- a/main/inc/lib/legal.lib.php
+++ b/main/inc/lib/legal.lib.php
@@ -28,15 +28,15 @@ class LegalManager {
 		$type     = intval($type);
 		$changes  = Database::escape_string($changes);
 		$time = time();
-		
+
 		if ($last['content'] != $content) {
 			$version = intval(Legalmanager::get_last_condition_version($language));
 			$version++;
 			 $sql = "INSERT INTO $legal_table
 						SET language_id = '".Database::escape_string($language)."',
-							content = '".Database::escape_string($content)."',
-							changes= '".Database::escape_string($changes)."',
-							type = '".Database::escape_string($type)."',
+							content = '".$content."',
+							changes= '".$changes."',
+							type = '".$type."',
 							version = '".Database::escape_string($version)."',
 							date = '".$time."'";
 			$result = Database::query($sql, __FILE__, __LINE__);
@@ -45,8 +45,8 @@ class LegalManager {
 			//update
 			$id = $last['legal_id'];
 			$sql = "UPDATE $legal_table
-					SET  changes= '".Database::escape_string($changes)."',
-					type = '".Database::escape_string($type)."',
+					SET  changes= '".$changes."',
+					type = '".$type."',
 					date = '".$time."'
 					WHERE legal_id= $id  ";
 			$result = Database::query($sql, __FILE__, __LINE__);