diff options
author | danigm <danigm@wadobo.com> | 2011-03-17 20:58:47 +0000 |
---|---|---|
committer | danigm <danigm@wadobo.com> | 2011-03-17 20:58:47 +0000 |
commit | c9c86183187905f5ba92377173039de803f40509 (patch) | |
tree | 18c4de00ec17f7858aa6af9bc84c34de8c5b0292 /admin/WebConsole/controlpostacceso.php | |
parent | 95b340a92fff58118c605bcf1ee6db72b67553b7 (diff) |
Arreglado sqlinjection en la consola web
git-svn-id: https://opengnsys.es/svn/branches/version1.0@1557 a21b9725-9963-47de-94b9-378ad31fedc9
Diffstat (limited to 'admin/WebConsole/controlpostacceso.php')
-rw-r--r-- | admin/WebConsole/controlpostacceso.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/admin/WebConsole/controlpostacceso.php b/admin/WebConsole/controlpostacceso.php index aa68c1da..777a038c 100644 --- a/admin/WebConsole/controlpostacceso.php +++ b/admin/WebConsole/controlpostacceso.php @@ -16,9 +16,9 @@ include_once("./clases/AdoPhp.php"); $idc=0; $iph=""; // Switch menu cliente - if (isset($_POST["usu"])) $usu=$_POST["usu"]; - if (isset($_POST["pss"])) $pss=$_POST["pss"]; - if (isset($_POST["idcentro"])) $idc=$_POST["idcentro"]; + if (isset($_POST["usu"])) $usu=mysql_escape_string($_POST["usu"]); + if (isset($_POST["pss"])) $pss=mysql_escape_string($_POST["pss"]); + if (isset($_POST["idcentro"])) $idc=mysql_escape_string($_POST["idcentro"]); if (isset($_GET["iph"])) $iph=$_GET["iph"]; //________________________________________________________________________________________________________ |