From 30ee094c864af66d13694c7804755f9539e5b626 Mon Sep 17 00:00:00 2001 From: cookie Date: Sun, 3 Dec 2006 22:13:38 +0000 Subject: [PATCH] SQL injektion behoben git-svn-id: svn://svn.cccv.de/engel-system@195 29ba0400-6e00-0410-a75a-ca02368028f8 --- www-ssl/nonpublic/news_comments.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/www-ssl/nonpublic/news_comments.php b/www-ssl/nonpublic/news_comments.php index 99b42072..6e303cea 100755 --- a/www-ssl/nonpublic/news_comments.php +++ b/www-ssl/nonpublic/news_comments.php @@ -22,7 +22,7 @@ if( IsSet( $_GET["text"])) } } -$SQL = "SELECT * FROM news_comments where Refid = ". $_GET["nid"]. " ORDER BY 'ID'"; +$SQL = "SELECT * FROM news_comments where Refid = '". $_GET["nid"]. "' ORDER BY 'ID'"; $Erg = mysql_query($SQL, $con); echo mysql_error( $con); // anzahl zeilen