Commit 9c236bba authored by Jonas Leder's avatar Jonas Leder

fix two times sql injection possible

parent b4371f8d
1 merge request!10fix two times sql injection possible
Pipeline #7257 passed
......@@ -39,6 +39,7 @@ function blogPost($id, $conn)
function blogPosts($count, $contentLength, $conn)
{
$response = [];
$count = $conn->real_escape_string($count);
$result = $conn->query("SELECT * FROM posts order by id desc limit $count");
if ($result->num_rows > 0) {
while ($row = $result->fetch_assoc()) {
......@@ -62,4 +63,4 @@ function blogPosts($count, $contentLength, $conn)
}
return $response;
}
\ No newline at end of file
}
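Review bot: In blogPosts, `$count` is interpolated into `limit $count` without surrounding quotes, so the added `real_escape_string` call does not close the injection path on that line. The function only escapes characters that matter inside a quoted string literal, and a numeric position needs no quote to be altered. Constrain the value to an integer instead, for example `$count = max(0, (int) $count);`, or bind it through a prepared statement. The body of blogPosts between the two hunks is not visible, so whether `$contentLength` also reaches a query cannot be judged from this page.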
......@@ -18,6 +18,7 @@ $commentField = new ObjectType([
function comments($article, $conn)
{
$response = [];
$article = $conn->real_escape_string($article);
$result = $conn->query("SELECT * FROM comments WHERE article='$article'");
while ($row = $result->fetch_assoc()) {
$commentElement = [
......
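Review bot: In comments, the escaped `$article` sits inside quotes, which holds only while the connection character set matches what `real_escape_string` assumes (normally set with `$conn->set_charset(...)`, not visible here). A bound parameter removes that dependency and cannot be lost in a later edit the way a single escape call can. Separately, `$conn->query()` can return `false`, and the `while` loop calls `fetch_assoc()` on the result unchecked. The function body continues past the visible lines; the sketch below covers only the query lines and assumes the mysqlnd driver for `get_result()`.

```php
// … unchanged: function signature and $response initialisation …
$stmt = $conn->prepare("SELECT * FROM comments WHERE article = ?");
$stmt->bind_param("s", $article);
$stmt->execute();
$result = $stmt->get_result();
if ($result === false) {
    return $response;
}
// … unchanged: while loop building $commentElement …
```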
......@@ -20,4 +20,4 @@ function getSkills() {
array_push($response, $skill["Key"]);
}
return $response;
}
\ No newline at end of file
}