Update due to SQL injection exploit
DavidJClark committed Apr 16, 2013
1 parent fee04fa commit 5cadf9c
Showing 2 changed files with 6 additions and 2 deletions.
4 changes: 2 additions & 2 deletions core/common/PopUpNewsData.class.php
Expand Up @@ -15,14 +15,14 @@ public function popupnewsitem($id)
{
$query = 'SELECT *
FROM ' . TABLE_PREFIX .'news
WHERE id=' . $id . ' ';
WHERE id=' . DB::escape($id) . ' ';

return DB::get_row($query);
}

public function get_news_list($howmany) {
$sql = 'SELECT id, subject, body, postedby, UNIX_TIMESTAMP(postdate) AS postdate
FROM ' . TABLE_PREFIX .'news ORDER BY postdate DESC LIMIT '.$howmany;
FROM ' . TABLE_PREFIX .'news ORDER BY postdate DESC LIMIT '.DB::escape($howmany);

return DB::get_results($sql);
}
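Review bot: Both new lines wrap a value that the SQL text does not quote — `WHERE id=' . DB::escape($id) . ' '` and `LIMIT '.DB::escape($howmany)` — and string escaping only neutralises quote and backslash characters, so in an unquoted numeric position it does not constrain what gets concatenated into the statement. If DB::escape is the driver's string-escape routine (its implementation is not shown here), the robust fix for these two integer positions is an explicit cast, `WHERE id=' . (int) $id . ' ';` and `LIMIT ' . (int) $howmany;`, or a prepared statement with bound parameters if the DB layer offers one. The cast also makes the query independent of the `is_numeric` check in the calling module, which is easy to forget at a new call site.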
4 changes: 4 additions & 0 deletions core/modules/PopUpNews/PopUpNews.php
Expand Up @@ -13,6 +13,8 @@ class PopUpNews extends CodonModule
{
public function popupnewsitem($id) {

if(!is_numeric($id)){header('Location: '.url('/'));}

$result = PopUpNewsData::popupnewsitem($id);
Template::Set('item', $result);
Template::Show('popupnews/popupnews_item.tpl');
Expand All @@ -21,6 +23,8 @@ public function popupnewsitem($id) {

public function PopUpNewsList($howmany = 5)
{
if(!is_numeric($id)){exit;}

$res = PopUpNewsData::get_news_list($howmany);

if(!$res)
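Review bot: The guard added in PopUpNewsList tests `$id`, but this method's only parameter is `$howmany` and `$id` is never assigned, so `is_numeric($id)` is false and the method exits unconditionally (with an undefined-variable notice); the line should read `if(!is_numeric($howmany)){exit;}`. In the first hunk of this file, `header('Location: '.url('/'));` is not followed by `exit;`, so the redirect is sent but execution continues into `PopUpNewsData::popupnewsitem($id)` with the rejected value — add `exit;` after the header call. The body of popupnewsitem continues past the first hunk, and PopUpNewsList continues past this one.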

0 comments on commit 5cadf9c
