[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[phpGroupWare-developers] Re: sql strengthening in class.accounts_.inc.p
From: |
Maât |
Subject: |
[phpGroupWare-developers] Re: sql strengthening in class.accounts_.inc.php |
Date: |
Tue, 03 Jun 2008 17:03:56 +0200 |
User-agent: |
Thunderbird 2.0.0.14 (X11/20080504) |
Next patch... a tiny one for greater security.
regards,
Maât
Index: phpgwapi/inc/accounts/class.accounts_.inc.php
===================================================================
--- phpgwapi/inc/accounts/class.accounts_.inc.php (revision 18589)
+++ phpgwapi/inc/accounts/class.accounts_.inc.php (working copy)
@@ -434,7 +434,7 @@
function get_members()
{
$members = array();
- $sql = "SELECT acl_account FROM phpgw_acl WHERE
acl_appname = 'phpgw_group' and acl_location =" . (int) $this->account_id;
+ $sql = "SELECT acl_account FROM phpgw_acl WHERE
acl_appname = 'phpgw_group' and acl_location ='" . (int) $this->account_id .
"'";
$this->db->query($sql,__LINE__,__FILE__);
while ($this->db->next_record())
{