GIT.Harvie.CZ / mirrors / Kyberia-bloodline.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
configure_content node_content sql injection vulnerability fixed
[mirrors/Kyberia-bloodline.git] / wwwroot / inc / eventz / configure_content.inc
diff --git a/wwwroot/inc/eventz/configure_content.inc b/wwwroot/inc/eventz/configure_content.inc
index 0d089a9640a2b682b8d5b1657fb2c9c4950b5abb..f726b64ae9c19f04550fb4506eee1c99b5d0314a 100644 (file)
--- a/wwwroot/inc/eventz/configure_content.inc
+++ b/wwwroot/inc/eventz/configure_content.inc
@@ -33,9 +33,10 @@ function configure_content() {
             node_descendant_count,lastdescendant_created,template_id, NOW()
             from nodes where node_id = '$node_id'";
     $db->query($qtiamat);
-    $qu = "update nodes set node_content = '$node_content' where node_id = '$node_id'";
+
+    $qu = "update nodes set node_content = '".mysql_real_espace_string($node_content)."' where node_id = '$node_id'";
     $result = $db->update($qu);
-    $qu2 = "update node_content set node_content = '$node_content' where node_id = '$node_id'";
+    $qu2 = "update node_content set node_content = '".mysql_real_espace_string($node_content)."' where node_id = '$node_id'";
     $result = $db->update($qu2);
 
     return true;
https://github.com/Kyberia/Kyberia-bloodline.git (mirrored @ Sat, 15 Jun 2024 11:30:09 +0200)
This page took 0.133998 seconds and 4 git commands to generate.