Commit 6cfeb2f

* htdocs/admin/save_roles.php: fixed SQL injection, yet again
1 parent 7e86e1c commit 6cfeb2f

1 file changed

+1
-0
lines changed

Diff for: htdocs/admin/save_roles.php

@@ -33,6 +33,7 @@
3333
must_login();
3434

3535
if ($_GET['action'] == "delete") {
36+
$_GET['id'] = mysql_real_escape_string($_GET['id']);
3637
mysql_query("DELETE FROM webfinance_roles WHERE id_role=".$_GET['id']);
3738
$_SESSION['message'] = _('Role deleted');
3839
header("Location: preferences.php?tab=Role");
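
Review bot: The escaping added at new line 36 does not close the injection, because line 37 still concatenates the value into the query without quotes (`id_role=".$_GET['id']`). `mysql_real_escape_string()` only escapes characters that matter inside a quoted string literal, so a value with no quote characters, such as digits followed by SQL keywords, reaches the WHERE clause unchanged. Since the id is used unquoted as a number, cast it instead (`$id = (int)$_GET['id'];`) and use `$id` in the query, or switch to a parameterized statement. Separately, the delete is triggered by `$_GET['action']` and the visible lines show no anti-CSRF token check, so consider requiring a POST with a token for this action.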
