Fix potential SQLi in alerts/verify #645
rjmackay committed Jul 30, 2012
1 parent a3f762e commit fdb48d1
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions application/controllers/alerts.php
Expand Up @@ -224,11 +224,11 @@ public function verify()
{
if (isset($_POST['alert_mobile']) AND ! empty($_POST['alert_mobile']))
{
$filter = "alert.alert_type=1 AND alert_code='".utf8::strtoupper($_POST['alert_code'])."' AND alert_recipient='".$_POST['alert_mobile']."' ";
$filter = "alert.alert_type=1 AND alert_code='".Database::instance()->escape_str(utf8::strtoupper($_POST['alert_code']))."' AND alert_recipient='".Database::instance()->escape_str($_POST['alert_mobile'])."' ";
}
elseif (isset($_POST['alert_email']) AND ! empty($_POST['alert_email']))
{
$filter = "alert.alert_type=2 AND alert_code='".$_POST['alert_code']."' AND alert_recipient='".$_POST['alert_email']."' ";
$filter = "alert.alert_type=2 AND alert_code='".Database::instance()->escape_str($_POST['alert_code'])."' AND alert_recipient='".Database::instance()->escape_str($_POST['alert_email'])."' ";
}
else
{
Expand All @@ -243,7 +243,7 @@ public function verify()
}
else
{
$filter = "alert.alert_type=2 AND alert_code='".$code."' AND alert_recipient='".$email."' ";
$filter = "alert.alert_type=2 AND alert_code='".Database::instance()->escape_str($code)."' AND alert_recipient='".Database::instance()->escape_str($email)."' ";
}
}
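Review bot: The three rewritten `$filter =` assignments (both `$_POST` branches in the first hunk and the `$code`/`$email` branch in the second) still build the WHERE clause by string concatenation, now with `Database::instance()->escape_str()` wrapped around each value; that closes the quote break-out the title names, but the escaping stays decoupled from the query that consumes `$filter`, which lies outside both hunks, and `escape_str` is only correct for the charset of the connection `Database::instance()` resolves to. If `$filter` is handed to the query builder, the array form `$this->db->where(array('alert.alert_type' => 1, 'alert_code' => utf8::strtoupper($_POST['alert_code']), 'alert_recipient' => $_POST['alert_mobile']))` would let the driver quote the values itself — I cannot see from the hunk whether that is how it is used. At minimum, hoist the repeated lookup into `$db = Database::instance();` before the `if` so each line does not resolve the instance two or three times, and note that `$code` and `$email` in the second hunk are assigned outside the visible lines, so their origin should be checked the same way. `verify()` starts and ends outside both hunks.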

