From a52ee4a288ec57c2983173460237e4137440a873 Mon Sep 17 00:00:00 2001
From: cookie
Date: Mon, 4 Dec 2006 19:54:51 +0000
Subject: SQL injektion behoben
git-svn-id: svn://svn.cccv.de/engel-system@198 29ba0400-6e00-0410-a75a-ca02368028f8
---
 www-ssl/admin/user.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
(limited to 'www-ssl/admin/user.php')
diff --git a/www-ssl/admin/user.php b/www-ssl/admin/user.php
index 98495b99..52482992 100755
--- a/www-ssl/admin/user.php
+++ b/www-ssl/admin/user.php
@@ -15,7 +15,7 @@ if (!IsSet($_GET["enterUID"])) echo "\nEdit logout User

\n"; if( !isset($_GET["OrderBy"]) ) $_GET["OrderBy"] = "Nick";
- $SQL = "SELECT * FROM User ORDER BY `". $_GET["OrderBy"]. "` ASC";
+ $SQL = "SELECT * FROM `User` ORDER BY `". $_GET["OrderBy"]. "` ASC";
 $Erg = mysql_query($SQL, $con); echo mysql_error($con);
@@ -96,12 +96,12 @@ if (!IsSet($_GET["enterUID"])) echo "\t"; //check userCVS=OK
- $SQL2 = "SELECT UID FROM UserCVS WHERE (UID=". mysql_result($Erg, $n, "UID"). ")";
+ $SQL2 = "SELECT `UID` FROM `UserCVS` WHERE (`UID`='". mysql_result($Erg, $n, "UID"). "')";
 $Erg2 = mysql_query($SQL2, $con); echo mysql_error($con); if( mysql_num_rows($Erg2)==0) {
- $SQL3 = "INSERT INTO `UserCVS` ( `UID`) VALUES ( '". mysql_result($Erg, $n, "UID"). "');";
+ $SQL3 = "INSERT INTO `UserCVS` (`UID`) VALUES ('". mysql_result($Erg, $n, "UID"). "');";
 $Erg3 = db_query($SQL3, "admin/user.php auto CVS create"); if( $Erg3 ) echo "was create
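Review bot: `$_GET["OrderBy"]` is still concatenated unvalidated into the `ORDER BY` clause of the new `$SQL` line in the `@@ -15,7 +15,7 @@` hunk; the backticks added around the table name do nothing to constrain it, and a backtick inside the parameter ends the quoted identifier. Identifiers cannot be escaped the way string values can, so the parameter should be compared with a fixed list of sortable column names before the query is built, for example `if( !in_array($_GET["OrderBy"], $sortable, true) ) $_GET["OrderBy"] = "Nick";`, where `$sortable` is a placeholder for an array of the table's column names. The enclosing `if (!IsSet($_GET["enterUID"]))` block starts and ends outside the hunk.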
\n";
@@ -135,7 +135,7 @@ else if( $_GET["Type"] == "Normal" ) {
- $SQL = "SELECT * FROM User WHERE UID=". $_GET["enterUID"];
+ $SQL = "SELECT * FROM `User` WHERE `UID`='". $_GET["enterUID"]. "'";
 $Erg = mysql_query($SQL, $con); if (mysql_num_rows($Erg) != 1)
@@ -243,7 +243,7 @@ else // CVS-Rechte echo "
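Review bot: Wrapping `$_GET["enterUID"]` in single quotes does not neutralise it in the new `$SQL` line of the `@@ -135,7 +135,7 @@` hunk, because the value is not escaped and a quote character in the parameter still terminates the string literal; the new `$SQL_CVS` line in the `@@ -243,7 +243,7 @@` hunk has the same defect. If UID is numeric, as the removed unquoted form suggests (the schema is not visible here), replace `$_GET["enterUID"]` with `intval($_GET["enterUID"])` in both queries. Otherwise pass it through `mysql_real_escape_string($_GET["enterUID"], $con)` before concatenating. Both enclosing `else` branches continue outside their hunks.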
Rights of \"". UID2Nick($_GET["enterUID"]). "\":\n";
- $SQL_CVS = "SELECT * FROM `UserCVS` WHERE UID=". $_GET["enterUID"];
+ $SQL_CVS = "SELECT * FROM `UserCVS` WHERE `UID`='". $_GET["enterUID"]. "'";
 $Erg_CVS = mysql_query($SQL_CVS, $con); if( mysql_num_rows($Erg_CVS) != 1)
--
cgit v1.2.3-54-g00ecf