From: Andrew G. <agi...@us...> - 2005-08-23 22:59:10
Update of /cvsroot/dynapi/dynapi3x/test/scripts In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv22337 Modified Files: storeResult.php Log Message: Fixed bad SQL and strip slashes from request parameters Index: storeResult.php =================================================================== RCS file: /cvsroot/dynapi/dynapi3x/test/scripts/storeResult.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -r1.1 -r1.2 *** storeResult.php 15 Aug 2005 23:18:16 -0000 1.1 --- storeResult.php 23 Aug 2005 22:58:57 -0000 1.2 *************** *** 16,22 **** $name = $_REQUEST['name']; $passfail = $_REQUEST['passfail']; ! $comments = $_REQUEST['comments']; ! $tester = $_REQUEST['tester']; ! $agent = $_SERVER['HTTP_USER_AGENT']; $dynapiVersion = getDynAPIVersion(); $now = date("YmdHis"); --- 16,22 ---- $name = $_REQUEST['name']; $passfail = $_REQUEST['passfail']; ! $comments = stripslashes($_REQUEST['comments']); ! $tester = stripslashes($_REQUEST['tester']); ! $agent = stripslashes($_SERVER['HTTP_USER_AGENT']); $dynapiVersion = getDynAPIVersion(); $now = date("YmdHis"); *************** *** 44,48 **** or die("Could not select database $test_database_name"); ! $query = "INSERT INTO testresult (testcase_name, dynapi_version, testcase_date, passed, comments, user_agent, test_date, tester) VALUES ('$name', 'dynapi$version', '$fileMod', $passfail, '$comments', '$agent', '$now', '$tester')"; mysql_query($query) or die('Query failed: ' . mysql_error()); --- 44,48 ---- or die("Could not select database $test_database_name"); ! $query = "INSERT INTO testresult (testcase_name, dynapi_version, testcase_date, passed, comments, user_agent, test_date, tester) VALUES ('$name', '$dynapiVersion', '$fileMod', $passfail, '$comments', '$agent', '$now', '$tester')"; mysql_query($query) or die('Query failed: ' . mysql_error()); |
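Review bot: The values that the first hunk unescapes with `stripslashes()` (`$comments`, `$tester`, `$agent`) are interpolated directly into the quoted `INSERT` string in the second hunk, so the only escaping they had (presumably from magic_quotes_gpc) is removed and a quote character in any of them, including the client-supplied User-Agent header, changes the SQL statement. Escape each value for the database once the connection is open and immediately before building `$query`, e.g. `$comments = mysql_real_escape_string($comments);`, and do the same for `$tester`, `$agent` and `$name`. `$passfail` is placed in the statement unquoted, so it should be forced to a number where it is read: `$passfail = (int) $_REQUEST['passfail'];`. The `stripslashes()` calls are only correct when magic quotes are enabled, so wrapping them in `if (get_magic_quotes_gpc())` would avoid eating legitimate backslashes on other configurations. The script's lines between the two hunks are not visible here, so confirm that no escaping already happens there before adding it.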