[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Fmsystem-commits] [13791] booking: avoid sql-injection
From: |
Sigurd Nes |
Subject: |
[Fmsystem-commits] [13791] booking: avoid sql-injection |
Date: |
Thu, 27 Aug 2015 12:27:30 +0000 |
Revision: 13791
http://svn.sv.gnu.org/viewvc/?view=rev&root=fmsystem&revision=13791
Author: sigurdne
Date: 2015-08-27 12:27:29 +0000 (Thu, 27 Aug 2015)
Log Message:
-----------
booking: avoid sql-injection
Modified Paths:
--------------
trunk/booking/inc/class.socommon.inc.php
Modified: trunk/booking/inc/class.socommon.inc.php
===================================================================
--- trunk/booking/inc/class.socommon.inc.php 2015-08-27 00:12:15 UTC (rev
13790)
+++ trunk/booking/inc/class.socommon.inc.php 2015-08-27 12:27:29 UTC (rev
13791)
@@ -708,7 +708,10 @@
}
}
}
- $this->db->query(join($update_queries, ";\n"),
__LINE__, __FILE__);
+ foreach($update_queries as $update_query)
+ {
+ $this->db->query($update_query, __LINE__,
__FILE__);
+ }
$receipt['id'] = $id;
$receipt['message'][] = array('msg'=>lang('Entity %1
has been updated', $entry['id']));
return $receipt;
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Fmsystem-commits] [13791] booking: avoid sql-injection,
Sigurd Nes <=