mysql_real_escape_string for host default tip
authorTed Guild <ted@w3.org>
Tue, 15 Oct 2013 14:45:58 -0400
changeset 29 193356079921
parent 28 1090ad6c914b
mysql_real_escape_string for host
sharing/share.php
--- a/sharing/share.php	Tue Oct 15 14:29:34 2013 -0400
+++ b/sharing/share.php	Tue Oct 15 14:45:58 2013 -0400
@@ -140,7 +140,7 @@
     $host = $fields[0];
 
     // use it to retrieve existing record if one exists
-    $query = "SELECT ALL FROM site_info WHERE host=".$host;
+    $query = "SELECT ALL FROM site_info WHERE host='".mysql_real_escape_string($host)."'";
 
     $result = mysql_query($query);
     $row = mysql_fetch_array($result);
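Review bot: The rewritten query on the `+` line still reads `SELECT ALL FROM site_info`, which has no select list, so MySQL should reject it and `mysql_query()` will return false, which is then passed unchecked into `mysql_fetch_array($result)`. I would change the statement to `$query = "SELECT * FROM site_info WHERE host='".mysql_real_escape_string($host)."'";` and guard the fetch with `if ($result === false) { /* log mysql_error() server-side, then return */ }`. The escaping is only reliable if the connection character set was set with `mysql_set_charset()` rather than a `SET NAMES` query, and that setup is not visible in this hunk. A parameterized query through mysqli or PDO would remove that dependency. The enclosing function starts and ends outside the hunk.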