From 65ad3435addc6292e378c88ec861dc58a3a8da3d Mon Sep 17 00:00:00 2001 From: Marius Cramer <m.cramer@pixcept.de> Date: Wed, 13 Aug 2014 06:52:18 -0400 Subject: [PATCH] - improved input validation --- interface/lib/classes/functions.inc.php | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/interface/lib/classes/functions.inc.php b/interface/lib/classes/functions.inc.php index 2d87c63..8fed767 100644 --- a/interface/lib/classes/functions.inc.php +++ b/interface/lib/classes/functions.inc.php @@ -248,7 +248,7 @@ } $ips = array(); - $results = $app->db->queryAllRecords("SELECT ip_address AS ip, server_id FROM server_ip WHERE ip_type = '".$type."'"); + $results = $app->db->queryAllRecords("SELECT ip_address AS ip, server_id FROM server_ip WHERE ip_type = '".$app->db->quote($type)."'"); if(!empty($results) && is_array($results)){ foreach($results as $result){ if(preg_match($regex, $result['ip'])){ -- Gitblit v1.9.1