summaryrefslogtreecommitdiff
path: root/www/verify.php
diff options
context:
space:
mode:
authorINOPIAE <inopiae@cacert.org>2013-04-23 22:52:26 +0200
committerINOPIAE <inopiae@cacert.org>2013-04-23 22:52:26 +0200
commitf0318d79dbc69e444fee4c085cdb3ee152318e1c (patch)
tree6265d89b3594c71028df61f5870d0ba05f6c4a2e /www/verify.php
parentef6fa684e0c1ac2155036cc2981c65482de92bfc (diff)
downloadcacert-devel-f0318d79dbc69e444fee4c085cdb3ee152318e1c.tar.gz
cacert-devel-f0318d79dbc69e444fee4c085cdb3ee152318e1c.tar.xz
cacert-devel-f0318d79dbc69e444fee4c085cdb3ee152318e1c.zip
bug 1162: exchanged mysql_escape_string to mysql_real_escape_stringbug-1162
Diffstat (limited to 'www/verify.php')
-rw-r--r--www/verify.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/www/verify.php b/www/verify.php
index 6f603e4..2e409b6 100644
--- a/www/verify.php
+++ b/www/verify.php
@@ -43,7 +43,7 @@
{
$id = 1;
$emailid = intval($_REQUEST['emailid']);
- $hash = mysql_escape_string(stripslashes($_REQUEST['hash']));
+ $hash = mysql_real_escape_string(stripslashes($_REQUEST['hash']));
$query = "select * from `email` where `id`='$emailid' and hash!='' and deleted=0";
$res = mysql_query($query);
@@ -101,7 +101,7 @@
{
$id = 7;
$domainid = intval($_REQUEST['domainid']);
- $hash = mysql_escape_string(stripslashes($_REQUEST['hash']));
+ $hash = mysql_real_escape_string(stripslashes($_REQUEST['hash']));
$query = "select * from `domains` where `id`='$domainid' and hash!='' and deleted=0";
$res = mysql_query($query);