GIT.Harvie.CZ
/
mirrors
/
Kyberia-bloodline.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
getUserSubmission_children fix3
[mirrors/Kyberia-bloodline.git]
/
wwwroot
/
inc
/
eventz
/
K.inc
diff --git
a/wwwroot/inc/eventz/K.inc
b/wwwroot/inc/eventz/K.inc
index 05485e4d498f7497f5dc2c5cf5b6e00ca5b4cbea..8a5aca46578437734adf0b89698db39e26973dbc 100644
(file)
--- a/
wwwroot/inc/eventz/K.inc
+++ b/
wwwroot/inc/eventz/K.inc
@@
-56,6
+56,7
@@
function K() {
$kset->next();
$user_k=$kset->getString('user_k');
$kset->next();
$user_k=$kset->getString('user_k');
+ // XXX hard coded
$senat_id = 876611;
$K_id = 1961061;
$comms = getCommanders($K_id);
$senat_id = 876611;
$K_id = 1961061;
$comms = getCommanders($K_id);
@@
-70,6
+71,11
@@
function K() {
foreach ($k as $id) {
foreach ($k as $id) {
+ // prevent sqli
+ $k = intval($k);
+ if ($k == 0) { continue; }
+
+
if ($user_k) {
$isSenat = hasAncestor(getAncestors($id), $senat_id);
if ($isSenat && !($isComm || $isSOwner)){
if ($user_k) {
$isSenat = hasAncestor(getAncestors($id), $senat_id);
if ($isSenat && !($isComm || $isSOwner)){
This page took
0.130118 seconds
and
4
git commands to generate.