controlpanel.php security patch
Part One:
Find: PHP Code:
PHP Code:
PHP Code:
PHP Code:
PHP Code:
PHP Code:
Find: PHP Code:
PHP Code:
PHP Code:
PHP Code:
PHP Code:
PHP Code:
PHP Code:
PHP Code:
PHP Code:
PHP Code:
|
Code:
SELECT * Code:
$id = $row['id']; Code:
$id = sqlesc($row['id']); Seriously? sqlesc is used for INSERT and UPDATE, not SELECT! You are now here such nonsense in the post wrote that it's just awful. :lol: Code:
$image = sqlesc(htmlspecialchars($row['image'])); htmlspecialchars ??? there are numbers and image expansion! Not a Title! You will check this title-text! Oh, how scary for people like you who do not understand how to put protection ... |
sec update
If your going to update the source why are you still using mysql instead off mysqli???
|
Yes and it be good to PDO IT as the mysqli not do it any good there be bigs in it big time
|
All times are GMT +2. The time now is 19:21. |
Powered by vBulletin® Version 3.8.11 Beta 3
Copyright ©2000 - 2024, vBulletin Solutions Inc.