summaryrefslogtreecommitdiff
path: root/www/alert_hash_collision.php
diff options
context:
space:
mode:
authorBenny Baumann <BenBE@geshi.org>2013-06-11 22:33:34 +0200
committerBenny Baumann <BenBE@geshi.org>2013-06-11 22:33:34 +0200
commit216271b2501cba5ac2724c56588fa62c725d1d69 (patch)
tree92ac053ba899c2195f411eff5bd8d01cb869c337 /www/alert_hash_collision.php
parent0913b852c9e7a335cc2700f6f7d573565218c9dc (diff)
parentf0318d79dbc69e444fee4c085cdb3ee152318e1c (diff)
downloadcacert-devel-216271b2501cba5ac2724c56588fa62c725d1d69.tar.gz
cacert-devel-216271b2501cba5ac2724c56588fa62c725d1d69.tar.xz
cacert-devel-216271b2501cba5ac2724c56588fa62c725d1d69.zip
Merge branch 'bug-1162' into testserver-stable
Conflicts: www/wot.php
Diffstat (limited to 'www/alert_hash_collision.php')
-rw-r--r--www/alert_hash_collision.php8
1 files changed, 4 insertions, 4 deletions
diff --git a/www/alert_hash_collision.php b/www/alert_hash_collision.php
index bad60e8..f5eaa9c 100644
--- a/www/alert_hash_collision.php
+++ b/www/alert_hash_collision.php
@@ -14,13 +14,13 @@ if (!preg_match('/^(mem|org)-[0-9]+$/', @$_POST['usernym']))
if (preg_match('/^mem-[0-9]+$/', @$_POST['usernym']))
{
- mysql_query("update emailcerts set coll_found=1 where memid='".mysql_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';");
- mysql_query("update domaincerts set coll_found=1 where memid='".mysql_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';");
+ mysql_query("update emailcerts set coll_found=1 where memid='".mysql_real_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';");
+ mysql_query("update domaincerts set coll_found=1 where memid='".mysql_real_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';");
}
else
{
- mysql_query("update orgemailcerts set coll_found=1 where memid='".mysql_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';");
- mysql_query("update orgdomaincerts set coll_found=1 where memid='".mysql_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';");
+ mysql_query("update orgemailcerts set coll_found=1 where memid='".mysql_real_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';");
+ mysql_query("update orgdomaincerts set coll_found=1 where memid='".mysql_real_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';");
}
//exec(REPORT_WEAK . ' ' . $_POST['usernym'] . ' ' . lower($_POST['pkhash']));