phpgroupware-developers
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [phpGroupWare-developers] Re: sql strengthening in class.accounts_.i

From: Chris Weiss
Subject: Re: [phpGroupWare-developers] Re: sql strengthening in class.accounts_.inc.php
Date: Tue, 3 Jun 2008 10:16:58 -0500 
um, this does exactly nothing.  if you added ";" I might see it, but
this is effectively pointless.

On Tue, Jun 3, 2008 at 10:03 AM, Maât <address@hidden> wrote:
> Next patch... a tiny one for greater security.
>
> regards,
> Maât
>
>
>
>
> Index: phpgwapi/inc/accounts/class.accounts_.inc.php
> ===================================================================
> --- phpgwapi/inc/accounts/class.accounts_.inc.php       (revision 18589)
> +++ phpgwapi/inc/accounts/class.accounts_.inc.php       (working copy)
> @@ -434,7 +434,7 @@
>                function get_members()
>                {
>                        $members = array();
> -                       $sql = "SELECT acl_account FROM phpgw_acl WHERE
> acl_appname = 'phpgw_group' and acl_location =" . (int) $this->account_id;
> +                       $sql = "SELECT acl_account FROM phpgw_acl WHERE
> acl_appname = 'phpgw_group' and acl_location ='" . (int) $this->account_id .
> "'";
>                        $this->db->query($sql,__LINE__,__FILE__);
>                        while ($this->db->next_record())
>                        {
>
> _______________________________________________
> phpGroupWare-developers mailing list
> address@hidden
> http://lists.gnu.org/mailman/listinfo/phpgroupware-developers
>
>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]