From 7f02d479140d2c47e9359191ed2a7d687c6b9a33 Mon Sep 17 00:00:00 2001 From: Benny Baumann Date: Wed, 30 Apr 2014 20:13:28 +0200 Subject: bug 1138: And yet another bunch of escaping --- stamp/common.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'stamp') diff --git a/stamp/common.php b/stamp/common.php index d0a71f4..d99a23a 100644 --- a/stamp/common.php +++ b/stamp/common.php @@ -41,9 +41,9 @@ if($row['certid'] > 0) { if($row['org'] == 0) - $query = "select * from `domaincerts` where `id`='$row[certid]' and `expire`>NOW() and `revoked`=0"; + $query = "select * from `domaincerts` where `id`='".intval($row['certid'])."' and `expire`>NOW() and `revoked`=0"; else - $query = "select * from `orgdomaincerts` where `id`='$row[certid]' and `expire`>NOW() and `revoked`=0"; + $query = "select * from `orgdomaincerts` where `id`='".intval($row['certid'])."' and `expire`>NOW() and `revoked`=0"; if($_REQUEST['debug'] == 1) echo $query."
\n"; $res = mysql_query($query); -- cgit v1.2.1