Permalink
Browse files

corrected error returned on SQL injection attempt

  • Loading branch information...
1 parent c2bffb4 commit a92d5c8153b92fcf8cbfe8d70f0379afcdfe1074 @milovanderlinden milovanderlinden committed Apr 5, 2011
Showing with 5 additions and 4 deletions.
  1. +5 −4 osb.inc.php
View
@@ -25,11 +25,12 @@ function OpenStreetBlock($lat, $lon, $db, $max_nodes_expand = OSB_MAX_NODES_EXPA
# this is not really SQL safe is it?
try {
- $lat = floatval($lat);
- $lon = floatval($lon);
- $wkt_point = sprintf("Point(%f %f)", $lon, $lat);
+ $flat = floatval($lat);
+ $flon = floatval($lon);
+ $wkt_point = sprintf("Point(%f %f)", $flon, $flat);
} catch (Exception $e) {
- return 'Caught exception: ', $e->getMessage(), "\n";
+ $res['error'] = sprintf("Could not parse: %s,%s", $lat, $lon);
+ return $res;
}
# Find the way that is closes to the point in question

0 comments on commit a92d5c8

Please sign in to comment.