authorPhilip Häusler <msquare@notrademark.de>2011-06-13 19:34:01 +0200
committerPhilip Häusler <msquare@notrademark.de>2011-06-13 19:34:01 +0200
commit3d15b591e3f4196846fff005cc800feb383073c7 (patch)
tree3b4385f7efb6b818485e9e3fbaded249e8607d7e /includes/pages/user_news.php
parent0b2d976b81195b3d7a2ab50da6f1e0edba59e5ce (diff)
cleanup, security sql fixes
Diffstat (limited to 'includes/pages/user_news.php')
-rw-r--r--includes/pages/user_news.php8
1 files changed, 4 insertions, 4 deletions
diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php
index 818c2da2..48b3764c 100644
--- a/includes/pages/user_news.php
+++ b/includes/pages/user_news.php
@@ -9,7 +9,7 @@ function user_meetings() {
else
$page = 0;
- $news = sql_select("SELECT * FROM `News` WHERE `Treffen`=1 ORDER BY `ID` DESC LIMIT " . ($page * $DISPLAY_NEWS) . ", " . $DISPLAY_NEWS);
+ $news = sql_select("SELECT * FROM `News` WHERE `Treffen`=1 ORDER BY `ID` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS));
foreach ($news as $entry)
$html .= display_news($entry);
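Review bot: sql_escape() on the new LIMIT operands (line 24) does not protect an unquoted numeric position in SQL; string escaping only neutralises quote characters, so a non-numeric `$page` would still be concatenated into the statement verbatim. The reliable guard for an integer slot is a cast, e.g. `"... LIMIT " . ((int)$page * (int)$DISPLAY_NEWS) . ", " . (int)$DISPLAY_NEWS`. The identical change in the user_news() hunk (lines 46-47) has the same issue. Whether `$page` is already validated as an integer depends on the branch above this hunk, which is outside the visible lines, and user_meetings() continues past the hunk as well.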
@@ -54,7 +54,7 @@ function user_news_comments() {
$html = "";
if (isset ($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`=" . sql_escape($_REQUEST['nid']) . " LIMIT 1") > 0) {
$nid = $_REQUEST["nid"];
- list ($news) = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($_REQUEST['nid']) . " LIMIT 1");
+ list ($news) = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($nid) . " LIMIT 1");
if (isset ($_REQUEST["text"])) {
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
sql_query("INSERT INTO `news_comments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ('" . sql_escape($nid) . "', '" . date("Y-m-d H:i:s") . "', '" . sql_escape($text) . "', '" . sql_escape($user["UID"]) . "')");
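Review bot: The comment INSERT on line 35 runs whenever `$_REQUEST['text']` is present, and `$_REQUEST` merges GET, POST and cookie input, so this state-changing write can be triggered by a plain link rather than only by a submitted form; reading the body from `$_POST` and checking the request method would narrow that. The `$nid` substitution on line 32 is consistent with the digit-only guard on line 29, so `(int) $nid` would express that intent more directly than sql_escape(). user_news_comments() continues outside this hunk, so an anti-forgery check may exist elsewhere in the function.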
@@ -66,7 +66,7 @@ function user_news_comments() {
$html .= '<h2>Kommentare</h2>';
- $comments = sql_select("SELECT * FROM `news_comments` WHERE `Refid`='" . $nid . "' ORDER BY 'ID'");
+ $comments = sql_select("SELECT * FROM `news_comments` WHERE `Refid`='" . sql_escape($nid) . "' ORDER BY 'ID'");
foreach ($comments as $comment) {
$html .= '<article class="news_comment">';
$html .= DisplayAvatar($comment['UID']);
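Review bot: `ORDER BY 'ID'` on line 39 orders by the string constant 'ID', not by the ID column, so the comment order returned by this query is unspecified; the identifier needs backtick quoting, as already used for the `Refid` column in the same statement. Because line 29 only admits digits for `$nid`, an `(int)` cast would also be a clearer guard than sql_escape() in this unquoted-value-style query, though the value is quoted here so escaping does apply. The foreach body continues past the end of this hunk.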
@@ -122,7 +122,7 @@ function user_news() {
else
$page = 0;
- $news = sql_select("SELECT * FROM `News` ORDER BY `ID` DESC LIMIT " . ($page * $DISPLAY_NEWS) . ", " . $DISPLAY_NEWS);
+ $news = sql_select("SELECT * FROM `News` ORDER BY `ID` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS));
foreach ($news as $entry)
$html .= display_news($entry);