Skip to content

Commit

Permalink
Fixed SQL injection (thanks to Sijmen Ruwhof).
Browse files Browse the repository at this point in the history
  • Loading branch information
@derickr
derickr committed Apr 15, 2012
1 parent a9f9c30 commit 2978ad4
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion html/include/header.php
View file
Expand Up @@ -98,7 +98,7 @@ function hits ($key)
function refer () function refer ()
{ {
if (isset ($_SERVER["HTTP_REFERER"]) && !empty ($_SERVER["HTTP_REFERER"])) { if (isset ($_SERVER["HTTP_REFERER"]) && !empty ($_SERVER["HTTP_REFERER"])) {
$ref = $_SERVER["HTTP_REFERER"]; $ref = mysql_real_escape_string( $_SERVER["HTTP_REFERER"] );


$res = @mysql_query ("SELECT * FROM refer WHERE refer = '$ref'"); $res = @mysql_query ("SELECT * FROM refer WHERE refer = '$ref'");
if (@mysql_num_rows ($res) == 0) { if (@mysql_num_rows ($res) == 0) {
Expand Down

0 comments on commit 2978ad4

Please sign in to comment.