took additional measures to prevent sql injection

JT Smith 2004-05-02 16:15:33 +00:00
parent 045997bc93
commit a293678acd
10 changed files with 29 additions and 32 deletions


@ -353,7 +353,7 @@ sub www_editEventSave {
} else {
WebGUI::SQL->write("update EventsCalendar_event set name=".quote($session{form}{name}).",
description=".quote($session{form}{description}).", startDate=".$startDate[0].",
endDate=".$endDate[0]." where EventsCalendar_eventId=$session{form}{eid}");
endDate=".$endDate[0]." where EventsCalendar_eventId=".quote($session{form}{eid}));
}
if ($session{form}{proceed} eq "addEvent") {
$session{form}{eid} = "new";
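Review bot: The same update statement still concatenates `$startDate[0]` and `$endDate[0]` without quoting, so only the `eid` part of the string-built SQL is covered by this fix. Where those arrays are filled is outside the hunk, so it cannot be confirmed here that they are already validated numbers. If they derive from form input, they should go through the same helper, `startDate=".quote($startDate[0]).", endDate=".quote($endDate[0])."`, or be checked as integers before the write. If event ids are numeric, a guard such as `return unless $session{form}{eid} =~ /\A\d+\z/;` ahead of the update would reject malformed ids rather than relying on the database to coerce a quoted string. www_editEventSave begins and ends outside the hunk.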