summaryrefslogtreecommitdiff
path: root/includes
diff options
context:
space:
mode:
authorDaniel Friesel <derf@finalrewind.org>2011-06-03 11:24:22 +0200
committerDaniel Friesel <derf@finalrewind.org>2011-06-03 11:24:22 +0200
commit554bd796dc7aed67b6810e2ae3f30ba66bf263e3 (patch)
treed323a61b47d38194804eba78e115bb8e64d8985d /includes
parent93dd7113b13b06de1701b216b77bb73e76421fb5 (diff)
includes/sys_auth: Add sql_escape, just to be safe
Diffstat (limited to 'includes')
-rw-r--r--includes/sys_auth.php7
1 files changed, 5 insertions, 2 deletions
diff --git a/includes/sys_auth.php b/includes/sys_auth.php
index 68e336b0..009be2d8 100644
--- a/includes/sys_auth.php
+++ b/includes/sys_auth.php
@@ -19,7 +19,10 @@ function load_auth() {
if (count($user) > 0) {
// User ist eingeloggt, Datensatz zur Verfügung stellen und Timestamp updaten
list ($user) = $user;
- sql_query("UPDATE `User` SET " . "`lastLogIn` = '" . time() . "'" . " WHERE `UID` = '" . $_SESSION['uid'] . "' LIMIT 1;");
+ sql_query("UPDATE `User` SET "
+ . "`lastLogIn` = '" . time() . "'"
+ . " WHERE `UID` = '" . sql_escape($_SESSION['uid']) . "' LIMIT 1;"
+ );
} else
unset ($_SESSION['uid']);
}
@@ -52,4 +55,4 @@ function PassCrypt($passwort) {
return md5($passwort);
}
}
-?> \ No newline at end of file
+?>