s.probst/OpenXE
1
0
Fork 0
mirror of https://github.com/OpenXE-org/OpenXE.git synced 2024-11-14 20:17:14 +01:00
Code Issues Projects Releases Wiki Activity

#12 Logfile::addLogFile() does not escape the given parameters

Browse Source
This commit is contained in:
Roland Rusch 2023-07-19 15:18:04 +02:00
parent 9994f8c18d
commit b02da95c2f
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
www/pages/logfile.php
View File

@ -254,11 +254,14 @@ class Logfile {
} }
} }
if(is_array($meldung)) { if(is_array($meldung)) {
$meldung = $this->app->DB->real_escape_string(print_r($meldung, true)); $meldung = print_r($meldung, true);
} }
// Quick fix $module = $this->app->DB->real_escape_string($module);
$dump = $this->app->DB->real_escape_string(print_r($dump, true)); $action = $this->app->DB->real_escape_string($action);
$meldung = $this->app->DB->real_escape_string($meldung);
$dump = $this->app->DB->real_escape_string($dump);
$functionname = $this->app->DB->real_escape_string($functionname);
$this->app->DB->Insert( $this->app->DB->Insert(
sprintf( sprintf(