[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Fmsystem-commits] [13761] prevent SQL injection
From: |
Sigurd Nes |
Subject: |
[Fmsystem-commits] [13761] prevent SQL injection |
Date: |
Mon, 24 Aug 2015 09:07:31 +0000 |
Revision: 13761
http://svn.sv.gnu.org/viewvc/?view=rev&root=fmsystem&revision=13761
Author: sigurdne
Date: 2015-08-24 09:07:30 +0000 (Mon, 24 Aug 2015)
Log Message:
-----------
prevent SQL injection
Modified Paths:
--------------
trunk/phpgwapi/inc/class.db_pdo.inc.php
Modified: trunk/phpgwapi/inc/class.db_pdo.inc.php
===================================================================
--- trunk/phpgwapi/inc/class.db_pdo.inc.php 2015-08-22 00:22:05 UTC (rev
13760)
+++ trunk/phpgwapi/inc/class.db_pdo.inc.php 2015-08-24 09:07:30 UTC (rev
13761)
@@ -370,12 +370,14 @@
try
{
- if($exec)
+/*
+ if($exec) // Commented to prevent from
SQL-injection
{
$this->affected_rows =
$this->db->exec($sql);
return true;
}
else
+*/
{
$statement_object =
$this->db->query($sql);
/*
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Fmsystem-commits] [13761] prevent SQL injection,
Sigurd Nes <=