SF.net SVN: postfixadmin:[956] trunk/model/AliasHandler.php
Brought to you by:
christian_boltz,
gingerdog
From: <chr...@us...> - 2011-02-13 17:10:57
|
Revision: 956 http://postfixadmin.svn.sourceforge.net/postfixadmin/?rev=956&view=rev Author: christian_boltz Date: 2011-02-13 17:10:51 +0000 (Sun, 13 Feb 2011) Log Message: ----------- AliasHandler.php: - escape $address in is_mailbox_alias() Modified Paths: -------------- trunk/model/AliasHandler.php Modified: trunk/model/AliasHandler.php =================================================================== --- trunk/model/AliasHandler.php 2011-02-13 15:56:43 UTC (rev 955) +++ trunk/model/AliasHandler.php 2011-02-13 17:10:51 UTC (rev 956) @@ -69,7 +69,8 @@ } $table_mailbox = table_by_key('mailbox'); - $sql = "SELECT * FROM $table_mailbox WHERE username='$address'"; + $E_address = escape_string($address); + $sql = "SELECT * FROM $table_mailbox WHERE username='$E_address'"; $result = db_query($sql); if($result['rows'] != 1) { return false; This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |