phpgroupware-developers
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[phpGroupWare-developers] Re: sql strengthening in class.accounts_.inc.p

From: Maât
Subject: [phpGroupWare-developers] Re: sql strengthening in class.accounts_.inc.php
Date: Tue, 03 Jun 2008 17:03:56 +0200
User-agent: Thunderbird 2.0.0.14 (X11/20080504) 
Next patch... a tiny one for greater security.

regards,
Maât




Index: phpgwapi/inc/accounts/class.accounts_.inc.php
===================================================================
--- phpgwapi/inc/accounts/class.accounts_.inc.php       (revision 18589)
+++ phpgwapi/inc/accounts/class.accounts_.inc.php       (working copy)
@@ -434,7 +434,7 @@
                function get_members()
                {
                        $members = array();
-                       $sql = "SELECT acl_account FROM phpgw_acl WHERE 
acl_appname = 'phpgw_group' and acl_location =" . (int) $this->account_id;
+                       $sql = "SELECT acl_account FROM phpgw_acl WHERE 
acl_appname = 'phpgw_group' and acl_location ='" . (int) $this->account_id . 
"'";
                        $this->db->query($sql,__LINE__,__FILE__);
                        while ($this->db->next_record())
                        {
reply via email to
[Prev in Thread] Current Thread [Next in Thread]