From 7512e8b5e7a4a5229cda1a1165e98577712f56b4 Mon Sep 17 00:00:00 2001
From: cookie <cookie@29ba0400-6e00-0410-a75a-ca02368028f8>
Date: Sun, 3 Dec 2006 22:18:25 +0000
Subject: SQL injektion behoben

git-svn-id: svn://svn.cccv.de/engel-system@196 29ba0400-6e00-0410-a75a-ca02368028f8
---
 www-ssl/nonpublic/index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'www-ssl/nonpublic/index.php')

diff --git a/www-ssl/nonpublic/index.php b/www-ssl/nonpublic/index.php
index b65dd9c4..20b32c00 100755
--- a/www-ssl/nonpublic/index.php
+++ b/www-ssl/nonpublic/index.php
@@ -54,7 +54,7 @@ else
 			$_SESSION['IP'] = $_SERVER['REMOTE_ADDR'];
 		
 			// CVS import Data
-			$SQL = "SELECT * FROM `UserCVS` WHERE UID=".$_SESSION['UID'];
+			$SQL = "SELECT * FROM `UserCVS` WHERE UID='".$_SESSION['UID']."'";
 			$Erg_CVS =  mysql_query($SQL, $con);
 			$_SESSION['CVS'] = mysql_fetch_array($Erg_CVS);
 			
-- 
cgit v1.2.3-54-g00ecf