diff options
author | hugetoad <hugetoad@97f52cf1-0a1b-0410-bd0e-c28be96e8082> | 2006-02-02 06:37:42 +0000 |
---|---|---|
committer | hugetoad <hugetoad@97f52cf1-0a1b-0410-bd0e-c28be96e8082> | 2006-02-02 06:37:42 +0000 |
commit | 6baf1bdda009c10acadac93035e38d2c431ca324 (patch) | |
tree | 23b4b96974ed388574da5560a7b51588b9ee3941 /frontends/php/index.php | |
parent | bf94a21c0a8d09d4da1f0c8ee0fe851a0053c6b2 (diff) | |
download | zabbix-6baf1bdda009c10acadac93035e38d2c431ca324.tar.gz zabbix-6baf1bdda009c10acadac93035e38d2c431ca324.tar.xz zabbix-6baf1bdda009c10acadac93035e38d2c431ca324.zip |
- GUI made immune to SQL injection attacks (Alexei)
git-svn-id: svn://svn.zabbix.com/trunk@2600 97f52cf1-0a1b-0410-bd0e-c28be96e8082
Diffstat (limited to 'frontends/php/index.php')
-rw-r--r-- | frontends/php/index.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/frontends/php/index.php b/frontends/php/index.php index 88e2071c..18199872 100644 --- a/frontends/php/index.php +++ b/frontends/php/index.php @@ -83,7 +83,7 @@ if(isset($reconnect) && isset($sessionid)) { - $sql="delete from sessions where sessionid='$sessionid'"; + $sql="delete from sessions where sessionid='".zbx_ads($sessionid)."'"; DBexecute($sql); setcookie("sessionid",$sessionid,time()-3600); unset($sessionid); @@ -92,7 +92,7 @@ if(isset($enter)&&($enter=="Enter")) { $password=md5($password); - $sql="select u.userid,u.alias,u.name,u.surname,u.url,u.refresh from users u where u.alias='$name' and u.passwd='$password'"; + $sql="select u.userid,u.alias,u.name,u.surname,u.url,u.refresh from users u where u.alias='".zbx_ads($name)."' and u.passwd='".zbx_ads($password)."'"; $result=DBselect($sql); if(DBnum_rows($result)==1) { @@ -107,7 +107,7 @@ setcookie("sessionid",$sessionid,time()+3600); // Required ! $_COOKIE["sessionid"]=$sessionid; - $sql="insert into sessions (sessionid,userid,lastaccess) values ('$sessionid',".$USER_DETAILS["userid"].",".time().")"; + $sql="insert into sessions (sessionid,userid,lastaccess) values ('".zbx_ads($sessionid)."',".$USER_DETAILS["userid"].",".time().")"; DBexecute($sql); if($USER_DETAILS["url"] != '') |