diff --git a/backend/external/phplib/local.php b/backend/external/phplib/local.php
index 4f8349f..0443faa 100644
--- a/backend/external/phplib/local.php
+++ b/backend/external/phplib/local.php
@@ -169,7 +169,7 @@ function write_cache() {
 WHERE name = '" . addslashes( $this->cache_name ) . "'
 AND
- sid = '" . $this->cache_id . "'";
+ sid = '" . addslashes( $this->cache_id ) . "'";
 $this->cache_db->query( $sql );
 break;
 }
@@ -259,9 +259,9 @@ function read_cache( $cache_id, $check = false ) {
 $return = false;
 $sql = "SELECT val FROM " . $cms_db['db_cache'] . " WHERE
- name = '" . $this->cache_name . "'
+ name = '" . addslashes( $this->cache_name ) . "'
 AND
- sid = '" . $cache_id . "'";
+ sid = '" . addslashes( $cache_id ) . "'";
 if ( !$this->cache_db->query( $sql ) ) return;
 $oldmode = $this->cache_db->get_fetch_mode();
 $this->cache_db->set_fetch_mode( 'DB_FETCH_ASSOC' );
@@ -428,11 +428,11 @@ function ac_checkme($id, $name) {
 $ret = true;
 $cquery = sprintf("select count(*) from %s where sid='%s' and name='%s'",
 $cms_db['sessions'],
- $id,
- $name);
+ addslashes($id),
+ addslashes($name));
 $squery = sprintf("select sid from %s where sid = '%s' and name = '%s'",
 $cms_db['sessions'],
- $id,
+ addslashes($id),
 addslashes($name));
 $this->db->query($squery);
 if ( $this->db->affected_rows() == 0
@@ -454,8 +454,8 @@ function ac_sigleme($str, $name, $id) {
 $this->db->query(sprintf("delete from %s where name = '%s' and sid != '%s' and user_id = '%s'",
 $cms_db[sessions],
 addslashes($name),
- $str,
- $id));
+ addslashes($str),
+ addslashes($id)));
 }
 }
 function ac_sigleid($name, $id) {
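Review bot: addslashes() does not make the interpolated value in `sid = '" . addslashes( $this->cache_id ) . "'"` a safe SQL string literal, and the same applies to the read_cache, ac_checkme, ac_sigleme and ac_sigleid hunks below: it escapes only quotes, backslashes and NUL without regard to the connection's character set, so it is not equivalent to the database driver's own escaping. If the cache_db/db wrapper exposes a quote or bind-parameter API, the values should go through that; otherwise route every value through one helper that calls the driver's escaping function (e.g. mysqli_real_escape_string on the live connection) so the choice of escaper is made once rather than at each call site. Separately, the context line `$cms_db[sessions],` in the ac_sigleme hunk uses a bare constant as the array key where the neighbouring queries use `$cms_db['sessions']`; under PHP 8 that raises an Error instead of a notice. write_cache's body starts and ends outside the hunk.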
@@ -467,11 +467,11 @@ function ac_sigleid($name, $id) {
 $ret = false;
 $cquery = sprintf("select count(*) from %s where user_id='%s' and name='%s'",
 $cms_db['sessions'],
- $id,
- $name);
+ addslashes($id),
+ addslashes($name));
 $squery = sprintf("select sid from %s where user_id='%s' and name='%s'",
 $cms_db['sessions'],
- $id,
+ addslashes($id),
 addslashes($name));
 $this->db->query($squery);
 if ( $this->db->affected_rows() == 0