Grisu/PunkteSystem-KSP
1
0
Fork 0
Code Issues 2 Pull Requests Packages Projects Releases Wiki Activity

sanitize all input against xss and fixed bug with time encoding when adding result

Browse Source
This commit is contained in:
Grisu
2022-06-21 23:35:06 +02:00
parent b0478a7dd4
commit 6d74360d1d
10 changed files with 68 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
app/public/edit_statistics.php
View File

@@ -10,12 +10,12 @@
}
if($_SERVER['REQUEST_METHOD'] == 'POST') {
$m_id = intval($_POST['m_id']);
$s_id = intval($_POST['s_id']);
$points = intval($_POST['points']);
$minutes = intval($_POST['minutes']);
$seconds = intval($_POST['seconds']);
$millis = intval($_POST['millis']);
$m_id = intval(sanitize_input($_POST['m_id']));
$s_id = intval(sanitize_input($_POST['s_id']));
$points = intval(sanitize_input($_POST['points']));
$minutes = intval(sanitize_input($_POST['minutes']));
$seconds = intval(sanitize_input($_POST['seconds']));
$millis = intval(sanitize_input($_POST['millis']));
if (get_points($con, $m_id, $s_id)->fetch()['punkte'] != $points) {
change_points($con, $m_id, $s_id, $points);
}