Filter all user input to reduce the security impact of manipulated data

This commit is contained in:
EA Durbin
2006-06-17 06:10:10 +00:00
committed by WineHQ
parent 02c5682c01
commit f982c8459e
53 changed files with 988 additions and 542 deletions


@@ -3,16 +3,22 @@ include("path.php");
require_once(BASE."include/incl.php");
require_once(BASE."include/vendor.php");
$aClean = array(); //array of filtered user input
$aClean['iVendorId'] = makeSafe($_REQUEST['iVendorId']);
$aClean['Submit'] = makeSafe($_REQUEST['Submit']);
$aClean['sName'] = makeSafe($_REQUEST['sName']);
$aClean['sWebpage'] = makeSafe($_REQUEST['sWebpage']);
if(!$_SESSION['current']->hasPriv("admin"))
{
errorpage();
exit;
}
$oVendor = new Vendor($_REQUEST['iVendorId']);
if($_REQUEST['Submit'])
$oVendor = new Vendor($aClean['iVendorId']);
if($aClean['Submit'])
{
$oVendor->update($_REQUEST['sName'],$_REQUEST['sWebpage']);
$oVendor->update($aClean['sName'],$aClean['sWebpage']);
redirect(apidb_fullurl("vendorview.php"));
}
else
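Review bot: The vendor id on the new `$aClean['iVendorId'] = makeSafe($_REQUEST['iVendorId']);` line goes through the same generic filter as the free-text fields, and makeSafe() is defined outside this hunk, so nothing visible here guarantees the value is numeric before it reaches `new Vendor(...)`. For an identifier, a type check is stronger than string filtering, e.g. `$aClean['iVendorId'] = (int)$_REQUEST['iVendorId'];`. The update is also still keyed on `$_REQUEST`, so this admin-only write is accepted over GET as well as POST; reading the submit fields from `$_POST` and verifying a per-session token before `$oVendor->update(...)` would address that. The if/else block continues past the end of the hunk.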