Added fix for SQL Injection

nym3r0s · Jan 22, 2015 · 28f8b05 · 28f8b05
1 parent cdff158
commit 28f8b05
Show file tree

Hide file tree

Showing 13 changed files with 28 additions and 22 deletions.
diff --git a/matchday/confirm11.php b/matchday/confirm11.php
@@ -1,13 +1,13 @@
 <?php
 session_start();
 require './../includes/dbconfig.php';
-$user = $_SESSION['user'];
+$user = mysql_real_escape_string($_SESSION['user'])s;
 if(!isset($user))
 {
     header('Location: ./../login.php');
 }
 
-$idString = $_POST['c11'];
+$idString = mysql_real_escape_string($_POST['c11']);
 echo($idString."\n");
 $ids = explode(',',$idString);
 sort($ids);

diff --git a/matchday/index.php b/matchday/index.php
@@ -0,0 +1,3 @@
+<?php
+    header('Location: ./matchday.php');
+?>
diff --git a/matchday/matchday.php b/matchday/matchday.php
@@ -1,7 +1,7 @@
 <?php
 session_start();
 require './../includes/dbconfig.php';
-$user = $_SESSION['user'];
+$user = mysql_real_escape_string($_SESSION['user']);
 if(!isset($user))
 {
     header('Location: ./../login.php');

diff --git a/matchday/playerInfo.php b/matchday/playerInfo.php
@@ -4,8 +4,8 @@
 
 //echo("done");
 
-$playerId = $_POST['req'];
-$user = $_SESSION['user'];
+$playerId = mysql_real_escape_string($_POST['req']);
+$user = mysql_real_escape_string($_SESSION['user']);
 
 if(!isset($user))
 {
@@ -72,7 +72,7 @@
 
         echo('<div class="row_left"> <div><b>Country</b></div> <div><b>Player Role</b></div> <div><b>Matches</b></div> <div><b>Form</b></div> <div><b>Confidence</b></div> </div>');
 
-		echo('<div class="row_right"> <div>'.$playerCountry.'</div> <div>'.$playerType.'</div> <div>'.$playerMatches.'</div> <div>'.$playerForm.'</div><div>'.$playerConfidence.'</div></div>');
+        echo('<div class="row_right"> <div>'.$playerCountry.'</div> <div>'.$playerType.'</div> <div>'.$playerMatches.'</div> <div>'.$playerForm.'</div><div>'.$playerConfidence.'</div></div>');
 
 if($playerCaptain != ""){    echo('<div class="row"><b>Captain</b></div><br>'); }
         echo('</div>');

diff --git a/matchday/squadGen.php b/matchday/squadGen.php
@@ -2,7 +2,7 @@
 session_start();
 require './../includes/dbconfig.php';
 
-$user = $_SESSION['user'];
+$user = mysql_real_escape_string($_SESSION['user']);
 
 
 if(!isset($user))

diff --git a/transfers/balance.php b/transfers/balance.php
@@ -2,7 +2,7 @@
 session_start();
 require './../includes/dbconfig.php';
 
-$user = $_SESSION['user'];
+$user = mysql_real_escape_string($_SESSION['user']);
 
 
 if(!isset($user))

diff --git a/transfers/confirm16.php b/transfers/confirm16.php
@@ -1,13 +1,13 @@
 <?php
 session_start();
 require './../includes/dbconfig.php';
-$user = $_SESSION['user'];
+$user = mysql_real_escape_string($_SESSION['user']);
 if(!isset($user))
 {
     header('Location: ./../login.php');
 }
 
-$idString = $_POST['c16'];
+$idString = mysql_real_escape_string($_POST['c16']);
 $ids = explode(',',$idString);
 sort($ids);
 

diff --git a/transfers/index.php b/transfers/index.php
@@ -0,0 +1,3 @@
+<?php
+    header('Location: ./transfers.php');
+?>
diff --git a/transfers/playerInfo.php b/transfers/playerInfo.php
@@ -4,8 +4,8 @@
 
 //echo("done");
 
-$playerId = $_POST['req'];
-$user = $_SESSION['user'];
+$playerId = mysql_real_escape_string($_POST['req']);
+$user = mysql_real_escape_string($_SESSION['user']);
 
 if(!isset($user))
 {
@@ -72,7 +72,7 @@
 
         echo('<div class="row_left"> <div><b>Country</b></div> <div><b>Player Role</b></div> <div><b>Matches</b></div> <div><b>Form</b></div> <div><b>Confidence</b></div> </div>');
 
-		echo('<div class="row_right"> <div>'.$playerCountry.'</div> <div>'.$playerType.'</div> <div>'.$playerMatches.'</div> <div>'.$playerForm.'</div><div>'.$playerConfidence.'</div></div>');
+        echo('<div class="row_right"> <div>'.$playerCountry.'</div> <div>'.$playerType.'</div> <div>'.$playerMatches.'</div> <div>'.$playerForm.'</div><div>'.$playerConfidence.'</div></div>');
 
 if($playerCaptain != ""){    echo('<div class="row"><b>Captain</b></div><br>'); }
         echo('</div>');

diff --git a/transfers/playersGen.php b/transfers/playersGen.php
@@ -2,7 +2,7 @@
 session_start();
 require './../includes/dbconfig.php';
 
-$user = $_SESSION['user'];
+$user = mysql_real_escape_string($_SESSION['user']);
 
 
 if(!isset($user))

diff --git a/transfers/remainingTransfers.php b/transfers/remainingTransfers.php
@@ -1,7 +1,7 @@
 <?php
 session_start();
 require './../includes/dbconfig.php';
-$user = $_SESSION['user'];
+$user = mysql_real_escape_string($_SESSION['user']);
 if(!isset($user))
 {
     header('Location: ./../login.php');

diff --git a/transfers/transfers.php b/transfers/transfers.php
@@ -1,7 +1,7 @@
 <?php
 session_start();
 require './../includes/dbconfig.php';
-$user = $_SESSION['user'];
+$user = mysql_real_escape_string($_SESSION['user']);
 if(!isset($user))
 {
     header('Location: ./../login.php');
@@ -50,11 +50,11 @@
     </nav>
 
 <!-- Nav  Ends here-->
-	<div class="transferDetails">
-		<div id="playerBalance"></div>
-		<div id="transferBalance"></div>
-	</div>
-		
+    <div class="transferDetails">
+        <div id="playerBalance"></div>
+        <div id="transferBalance"></div>
+    </div>
+
     <div id="switches">
         <div class="btn-group" role="group" aria-label="...">
             <div class="btn-group" role="group">

diff --git a/transfers/userGen.php b/transfers/userGen.php
@@ -2,7 +2,7 @@
 session_start();
 require './../includes/dbconfig.php';
 
-$user = $_SESSION['user'];
+$user = mysql_real_escape_string($_SESSION['user']);
 
 
 if(!isset($user))