GIT.Harvie.CZ / mirrors / Kyberia-bloodline.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Security cleanup (sqli)
[mirrors/Kyberia-bloodline.git] / trash / executorlist.inc
diff --git a/wwwroot/inc/eventz/executorlist.inc b/trash/executorlist.inc
similarity index 91%
rename from wwwroot/inc/eventz/executorlist.inc
rename to trash/executorlist.inc
index 04231bbf3a1e61b1fcb32084b2f1f4e26fc02ec3..86ac7c7cd67db466cdb3824e26c6f7b28f9fe9d2 100644 (file)
--- a/wwwroot/inc/eventz/executorlist.inc
+++ b/trash/executorlist.inc
@@ -8,7 +8,8 @@ function executorlist() {
                 return false;
         }
 
-        $executors=explode(";",$_POST['executorlist']); // XXX sqli
+        $executors=explode(";",$_POST['executorlist']);
+       $executors=array_map('mysql_real_escape_string', $executors); 
         $db->query("update node_access set node_permission='' where
                node_id=$node_id and node_permission='exec'");
         foreach ($executors as $execitpr) {
https://github.com/Kyberia/Kyberia-bloodline.git (mirrored @ Sat, 01 Jun 2024 05:40:08 +0200)
This page took 0.096421 seconds and 4 git commands to generate.