diff options
author | Philip Häusler <msquare@notrademark.de> | 2014-12-28 13:44:56 +0100 |
---|---|---|
committer | Philip Häusler <msquare@notrademark.de> | 2014-12-28 13:44:56 +0100 |
commit | 6bede2fd229395f34c321a37efa2ea93e7b1a7ba (patch) | |
tree | a20c74d5bdddae9e1ec9a988e1ba468371a4a995 /includes/pages/user_questions.php | |
parent | a6ab81b834fe91b0f0704a7db33e377c8dc63a23 (diff) |
harden the sql queries
Diffstat (limited to 'includes/pages/user_questions.php')
-rw-r--r-- | includes/pages/user_questions.php | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/includes/pages/user_questions.php b/includes/pages/user_questions.php index be7f9930..0a2786d1 100644 --- a/includes/pages/user_questions.php +++ b/includes/pages/user_questions.php @@ -7,9 +7,9 @@ function user_questions() { global $user; if (! isset($_REQUEST['action'])) { - $open_questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`=" . sql_escape($user['UID'])); + $open_questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'"); - $answered_questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`=" . sql_escape($user['UID'])); + $answered_questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'"); foreach ($answered_questions as &$question) { $answer_user_source = User($question['AID']); if ($answer_user_source === false) @@ -23,7 +23,7 @@ function user_questions() { case 'ask': $question = strip_request_item_nl('question'); if ($question != "") { - $result = sql_query("INSERT INTO `Questions` SET `UID`=" . sql_escape($user['UID']) . ", `Question`='" . sql_escape($question) . "'"); + $result = sql_query("INSERT INTO `Questions` SET `UID`='" . sql_escape($user['UID']) . "', `Question`='" . sql_escape($question) . "'"); if ($result === false) engelsystem_error(_("Unable to save question.")); success(_("You question was saved.")); @@ -39,9 +39,9 @@ function user_questions() { else return error(_("Incomplete call, missing Question ID."), true); - $question = sql_select("SELECT * FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1"); + $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1"); if (count($question) > 0 && $question[0]['UID'] == $user['UID']) { - sql_query("DELETE FROM `Questions` WHERE `QID`=" . sql_escape($id) . " LIMIT 1"); + sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($id) . "' LIMIT 1"); redirect(page_link_to("user_questions")); } else return page_with_title(questions_title(), array( |