Protect against sql injection attacks in sql INSERT statements

Chris Morgan
2006-06-24 04:20:32 +00:00
committed by WineHQ
parent c31173ef9e
commit fb0f3b5dd3
20 changed files with 208 additions and 180 deletions


@@ -11,7 +11,9 @@ function log_category_visit($catId)
query_appdb("UPDATE catHitStats SET count = count + 1 WHERE catHitId = $stats->catHitId");
} else
{
query_appdb("INSERT INTO catHitStats VALUES(null, null, '$REMOTE_ADDR', $catId, 1)");
query_parameters("INSERT INTO catHitStats (appHitId, time, ip, catId, count) ".
"VALUES (?, ?, '?', '?', '?')",
"null", "null", $REMOTE_ADDR, $catId, "1");
}
}
@@ -26,7 +28,9 @@ function log_application_visit($appId)
query_appdb("UPDATE appHitStats SET count = count + 1 WHERE appHitId = $stats->appHitId");
} else
{
query_appdb("INSERT INTO appHitStats VALUES(null, null, '$REMOTE_ADDR', $appId, 1)");
query_parameters("INSERT INTO appHitStats (appHitId, time, ip, appId, count) ".
"VALUES (?, ?, '?', '?', '?')",
"null", "null", $REMOTE_ADDR, $appId, "1");
}
}
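Review bot: In the first hunk the new INSERT into catHitStats names its first column `appHitId`, while the UPDATE just above it addresses the same table by `catHitId`. This looks like a copy-paste from the appHitStats statement in the second hunk; if the key column is `catHitId`, the insert will fail and category visits will go unlogged, so the list should probably read `(catHitId, time, ip, catId, count)`. Separately, both hunks pass the constant "null" through a bare, unquoted `?`, and whether an unquoted placeholder is safe depends on how query_parameters substitutes it, which is not visible here. Writing the constants as literals, `VALUES (NULL, NULL, '?', '?', 1)`, and binding only `$REMOTE_ADDR` and the id would keep every bound value inside quotes and make the pattern safe to copy. Both function bodies start outside the hunks, so the preceding SELECTs and the `$stats` values used in the interpolated UPDATEs could not be checked.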