Skip to content
Permalink
Browse files Browse the repository at this point in the history
* htdocs/admin/save_taxes.php: fixed another SQL injection
  • Loading branch information
cyril-bouthors committed Sep 18, 2013
1 parent 6cfeb2f commit 306f170
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions htdocs/admin/save_taxes.php
Expand Up @@ -33,6 +33,7 @@
must_login();

if ($_GET['action'] == "delete") {
$_GET['id'] = mysql_real_escape_string($_GET['id']);
mysql_query("DELETE FROM webfinance_pref WHERE id_pref=".$_GET['id']);
$_SESSION['message'] = _('Tax deleted');
header("Location: preferences.php?tab=Taxes");
Expand Down

0 comments on commit 306f170

Please sign in to comment.