authorBenny Baumann <BenBE@geshi.org>2014-04-29 23:43:46 +0200
committerBenny Baumann <BenBE@geshi.org>2014-04-30 20:18:55 +0200
commitf98a23cad41c7a1e97d4252eb4e019a6b2a25dcd (patch)
tree3cf9637d2186480581d73a02743018aeffe3581a /includes/loggedin.php
parente00ea4fa1ecb61a00cce4da4fd11a9851a4ec792 (diff)
bug 1138: Be more paranoid regarding database query parameters
Diffstat (limited to 'includes/loggedin.php')
-rw-r--r--includes/loggedin.php8
1 files changed, 4 insertions, 4 deletions
diff --git a/includes/loggedin.php b/includes/loggedin.php
index 46f0659..33e834b 100644
--- a/includes/loggedin.php
+++ b/includes/loggedin.php
@@ -43,7 +43,7 @@
//session_unregister($key);
}
- $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$uid'"));
+ $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($uid)."'"));
if($_SESSION['profile']['locked'] == 0)
$_SESSION['profile']['loggedin'] = 1;
else
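Review bot: intval() on the `+` line removes the injection path through `$uid`, but the fetched row is still used without a not-found check: if no `users` row matches (a stale or invalid session id), `mysql_fetch_assoc()` returns false, `$_SESSION['profile']['locked'] == 0` on the following line is true for the missing key, and the profile is marked `loggedin = 1` even though no user row exists. Split the fetch and guard it, e.g. `$profile = mysql_fetch_assoc(mysql_query(...)); if ($profile === false) { $profile = array('loggedin' => 0); }`, before the `locked` test; the second hunk (`$user_id`) has the same shape. The hunks at lines 113 and 121 likewise keep building SQL by string concatenation on the deprecated mysql_* API; intval() is adequate for integer ids, but migrating these queries to prepared statements (mysqli/PDO) would make the parameter handling uniform rather than per-call-site. The enclosing block of this hunk starts outside the hunk, so the source of `$uid` cannot be confirmed here.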
@@ -70,7 +70,7 @@
}
$_SESSION['profile'] = mysql_fetch_assoc(mysql_query(
- "select * from `users` where `id`='".$user_id."'"));
+ "select * from `users` where `id`='".intval($user_id)."'"));
if($_SESSION['profile']['locked'] == 0)
$_SESSION['profile']['loggedin'] = 1;
else
@@ -113,7 +113,7 @@
if($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && $_SESSION['profile']['id'] > 0 && $_SESSION['profile']['loggedin'] > 0)
{
- $query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' and `deleted` = 0 group by `to`";
+ $query = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`";
$res = mysql_query($query);
$row = mysql_fetch_assoc($res);
$_SESSION['profile']['points'] = $row['total'];
@@ -121,7 +121,7 @@
if($_SESSION['profile']['language'] == "")
{
$query = "update `users` set `language`='".L10n::get_translation()."'
- where `id`='".$_SESSION['profile']['id']."'";
+ where `id`='".intval($_SESSION['profile']['id'])."'";
mysql_query($query);
} else {
L10n::set_translation($_SESSION['profile']['language']);