authorroot2014-04-20 18:55:24 +0200
committerroot2014-04-20 18:55:24 +0200
commit3c94eb3f608f9bf0dc8d19583abe273b3a67e5ff (patch)
tree9f589754331dbbab8f90f467f36a10f9a5ed99a7 /www/functions/func_user.php
parent2441480079f68bd4bc15a12d7b9b47c18ce0bd52 (diff)
downloadjungegemeinde-3c94eb3f608f9bf0dc8d19583abe273b3a67e5ff.tar.gz
Fixed XSS vulnerability.
Diffstat (limited to 'www/functions/func_user.php')
-rwxr-xr-xwww/functions/func_user.php8
1 files changed, 4 insertions, 4 deletions
diff --git a/www/functions/func_user.php b/www/functions/func_user.php
index f044334..394a8f7 100755
--- a/www/functions/func_user.php
+++ b/www/functions/func_user.php
@@ -298,8 +298,8 @@ function user_id($db, $user){
}
function change_username($db, $oldname, $newname){
- $oldname = $db->escapeString($oldname);
- $newname = $db->escapeString($newname);
+ $oldname = $db->escapeString(htmlentities($oldname));
+ $newname = $db->escapeString(htmlentities($newname));
$check_db = $db->query("SELECT 1 FROM user WHERE name='".$newname."'");
$check_ar = $check_db->fetchArray(SQLITE3_NUM);
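Review bot: Wrapping the inputs in htmlentities() before escapeString() encodes the value that is written to and looked up in the `user` table instead of escaping it where it is rendered, so the lookup here (`WHERE name='".$newname."'`) compares an entity-encoded string against rows that earlier code presumably stored unencoded; a name containing `&`, `<` or a quote will no longer match, and the stored value may be encoded a second time when it is printed. The SQL side is already handled by escapeString(), so the XSS fix belongs at output: keep `$oldname = $db->escapeString($oldname);` and `$newname = $db->escapeString($newname);` here and apply `htmlspecialchars($value, ENT_QUOTES, 'UTF-8')` in the code that prints the name or email. If encoding on write is intended, a comment such as `// names are stored HTML-encoded; every query must compare against htmlentities($input)` should state the invariant every reader now depends on. The same change is made in the two change_email hunks below, where the WHERE clause on email has the same mismatch. The body of change_username continues past this hunk.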
@@ -320,7 +320,7 @@ function change_username($db, $oldname, $newname){
}
function change_email($db, $name, $email){
- $res_db = $db->query("SELECT 1, name FROM user WHERE email='".$db->escapeString($email)."'");
+ $res_db = $db->query("SELECT 1, name FROM user WHERE email='".$db->escapeString(htmlentities($email))."'");
$res_ar = $res_db->fetchArray(SQLITE3_NUM);
if($res_ar[0] == 1){
@@ -331,7 +331,7 @@ function change_email($db, $name, $email){
if($db->exec("
BEGIN TRANSACTION;
- UPDATE user SET email='".$db->escapeString($email)."' WHERE name='".$db->escapeString($name)."';
+ UPDATE user SET email='".$db->escapeString(htmlentities($email))."' WHERE name='".$db->escapeString(htmlentities($name))."';
COMMIT;
")){
return CH_EMAIL_SUCCESS;