claunia/qemudb
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use query_parameters() in SQL select, update and delete statements to protect against

Browse Source 
sql injection attacks
This commit is contained in:
Chris Morgan
2006-06-27 19:16:27 +00:00
committed by WineHQ
parent e6458694f4
commit e3f9e5371a
46 changed files with 602 additions and 484 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
include/monitor.php
View File

@@ -85,7 +85,7 @@ class Monitor {
*/
function delete($bSilent=false)
{
$hResult = query_appdb("DELETE FROM appMonitors WHERE monitorId = '".$this->iMonitorId."'");
$hResult = query_parameters("DELETE FROM appMonitors WHERE monitorId = '?'", $this->iMonitorId);
if(!$bSilent)
$this->SendNotificationMail("delete");
}