Update of /cvsroot/phpmp/phpMP/includes
In directory sc8-pr-cvs1:/tmp/cvs-serv19960
Modified Files:
user.php
Log Message:
Updated with new escapeString() function.
Index: user.php
===================================================================
RCS file: /cvsroot/phpmp/phpMP/includes/user.php,v
retrieving revision 1.8
retrieving revision 1.9
diff -C2 -r1.8 -r1.9
*** user.php 14 Jan 2003 22:42:31 -0000 1.8
--- user.php 31 Jan 2003 07:01:05 -0000 1.9
***************
*** 14,18 ****
global $DB;
! $sql = "SELECT * FROM " . C_USERS_TABLE . " WHERE userid=$user";
$qry = $DB->query($sql);
--- 14,18 ----
global $DB;
! $sql = "SELECT * FROM " . C_USERS_TABLE . " WHERE userid=" . $DB->escapeString($user) . ";
$qry = $DB->query($sql);
|
