noalyss-commit
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Noalyss-commit] [noalyss] 07/08: Security : improve a potential weaknes

From: Dany De Bontridder
Subject: [Noalyss-commit] [noalyss] 07/08: Security : improve a potential weakness
Date: Sat, 25 Mar 2017 08:29:40 -0400 (EDT) 
sparkyx pushed a commit to branch master
in repository noalyss.

commit 561bd84f4350e96ebc9d12a8c4f8a01db88426bf
Author: Dany De Bontridder <address@hidden>
Date:   Sat Mar 25 13:28:49 2017 +0100

    Security : improve a potential weakness
---
 include/class/class_user.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/include/class/class_user.php b/include/class/class_user.php
index 7a880e6..4a0aa31 100644
--- a/include/class/class_user.php
+++ b/include/class/class_user.php
@@ -168,10 +168,10 @@ class User
                $sql = "select ac_users.use_login,ac_users.use_active, 
ac_users.use_pass,
              use_admin,use_first_name,use_name
              from ac_users
-             where ac_users.use_id='$this->id'
+             where ac_users.use_id=$1 
              and ac_users.use_active=1
-             and ac_users.use_pass='$pass5'";
-               $ret = $cn->exec_sql($sql);
+             and ac_users.use_pass=$2";
+               $ret = $cn->exec_sql($sql,array($this->id,$pass5));
                $res = Database::num_row($ret);
                if ($res > 0)
                {
reply via email to
[Prev in Thread] Current Thread [Next in Thread]