summaryrefslogtreecommitdiffstats
path: root/admin/WebConsole/controlpostacceso.php
diff options
context:
space:
mode:
authordanigm <danigm@wadobo.com>2011-03-17 20:58:47 +0000
committerdanigm <danigm@wadobo.com>2011-03-17 20:58:47 +0000
commitc9c86183187905f5ba92377173039de803f40509 (patch)
tree18c4de00ec17f7858aa6af9bc84c34de8c5b0292 /admin/WebConsole/controlpostacceso.php
parent95b340a92fff58118c605bcf1ee6db72b67553b7 (diff)
Arreglado sqlinjection en la consola web
git-svn-id: https://opengnsys.es/svn/branches/version1.0@1557 a21b9725-9963-47de-94b9-378ad31fedc9
Diffstat (limited to 'admin/WebConsole/controlpostacceso.php')
-rw-r--r--admin/WebConsole/controlpostacceso.php6
1 files changed, 3 insertions, 3 deletions
diff --git a/admin/WebConsole/controlpostacceso.php b/admin/WebConsole/controlpostacceso.php
index aa68c1da..777a038c 100644
--- a/admin/WebConsole/controlpostacceso.php
+++ b/admin/WebConsole/controlpostacceso.php
@@ -16,9 +16,9 @@ include_once("./clases/AdoPhp.php");
$idc=0;
$iph=""; // Switch menu cliente
- if (isset($_POST["usu"])) $usu=$_POST["usu"];
- if (isset($_POST["pss"])) $pss=$_POST["pss"];
- if (isset($_POST["idcentro"])) $idc=$_POST["idcentro"];
+ if (isset($_POST["usu"])) $usu=mysql_escape_string($_POST["usu"]);
+ if (isset($_POST["pss"])) $pss=mysql_escape_string($_POST["pss"]);
+ if (isset($_POST["idcentro"])) $idc=mysql_escape_string($_POST["idcentro"]);
if (isset($_GET["iph"])) $iph=$_GET["iph"];
//________________________________________________________________________________________________________