Skip to content
Permalink
Browse files Browse the repository at this point in the history
Update trigger_referral.php to prevent SQL Injection
  • Loading branch information
Danny Cheok committed Sep 8, 2014
1 parent f11a136 commit 7194a09
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions Upload/plugins/gimmie/trigger_referral.php
Expand Up @@ -2,7 +2,7 @@
require_once(DIR . '/plugins/gimmie/functions.php');
require_once(DIR . '/plugins/gimmie/OAuth.php');

$usersql = $vbulletin->db->query_read("SELECT `userid`, `username`, `email` FROM " . TABLE_PREFIX . "user WHERE `username` = '" . $_POST['referrername'] . "'");
$usersql = $vbulletin->db->query_read("SELECT `userid`, `username`, `email` FROM " . TABLE_PREFIX . "user WHERE `username` = " . $vbulletin->db->escape_string($_POST['referrername']));
$user = $vbulletin->db->fetch_array($usersql);

$my_player_uid = $user['email'];
Expand All @@ -28,4 +28,4 @@
return;
}

?>
?>

0 comments on commit 7194a09

Please sign in to comment.