[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [phpGroupWare-developers] Re: sql strengthening in class.accounts_.i
From: |
Chris Weiss |
Subject: |
Re: [phpGroupWare-developers] Re: sql strengthening in class.accounts_.inc.php |
Date: |
Tue, 3 Jun 2008 10:16:58 -0500 |
um, this does exactly nothing. if you added ";" I might see it, but
this is effectively pointless.
On Tue, Jun 3, 2008 at 10:03 AM, Maât <address@hidden> wrote:
> Next patch... a tiny one for greater security.
>
> regards,
> Maât
>
>
>
>
> Index: phpgwapi/inc/accounts/class.accounts_.inc.php
> ===================================================================
> --- phpgwapi/inc/accounts/class.accounts_.inc.php (revision 18589)
> +++ phpgwapi/inc/accounts/class.accounts_.inc.php (working copy)
> @@ -434,7 +434,7 @@
> function get_members()
> {
> $members = array();
> - $sql = "SELECT acl_account FROM phpgw_acl WHERE
> acl_appname = 'phpgw_group' and acl_location =" . (int) $this->account_id;
> + $sql = "SELECT acl_account FROM phpgw_acl WHERE
> acl_appname = 'phpgw_group' and acl_location ='" . (int) $this->account_id .
> "'";
> $this->db->query($sql,__LINE__,__FILE__);
> while ($this->db->next_record())
> {
>
> _______________________________________________
> phpGroupWare-developers mailing list
> address@hidden
> http://lists.gnu.org/mailman/listinfo/phpgroupware-developers
>
>