diff options
| author | Daniel Friesel <derf@finalrewind.org> | 2011-06-03 11:24:22 +0200 |
|---|---|---|
| committer | Daniel Friesel <derf@finalrewind.org> | 2011-06-03 11:24:22 +0200 |
| commit | 554bd796dc7aed67b6810e2ae3f30ba66bf263e3 (patch) | |
| tree | d323a61b47d38194804eba78e115bb8e64d8985d /includes | |
| parent | 93dd7113b13b06de1701b216b77bb73e76421fb5 (diff) | |
includes/sys_auth: Add sql_escape, just to be safe
Diffstat (limited to 'includes')
| -rw-r--r-- | includes/sys_auth.php | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/includes/sys_auth.php b/includes/sys_auth.php index 68e336b0..009be2d8 100644 --- a/includes/sys_auth.php +++ b/includes/sys_auth.php @@ -19,7 +19,10 @@ function load_auth() { if (count($user) > 0) { // User ist eingeloggt, Datensatz zur Verfügung stellen und Timestamp updaten list ($user) = $user; - sql_query("UPDATE `User` SET " . "`lastLogIn` = '" . time() . "'" . " WHERE `UID` = '" . $_SESSION['uid'] . "' LIMIT 1;"); + sql_query("UPDATE `User` SET " + . "`lastLogIn` = '" . time() . "'" + . " WHERE `UID` = '" . sql_escape($_SESSION['uid']) . "' LIMIT 1;" + ); } else unset ($_SESSION['uid']); } @@ -52,4 +55,4 @@ function PassCrypt($passwort) { return md5($passwort); } } -?>
\ No newline at end of file +?> |