Posts: 239 | Thanked: 194 times | Joined on Jul 2010 @ Amsterdam
#59
Originally Posted by munozferna
This could be vulnerable to SQL injection (it depends on server settings):

Code:
if(isset($_GET['delete_id']))
  {
    DBConnect();
    $query = "DELETE FROM users WHERE id='" . $_GET['delete_id'] .
    "' AND username='" . $_GET['username'] .
    "' AND password='" . $_GET['password'] .
    "' AND email='" . $_GET['email'] .
    "'";
    DBQuery($query);
    $alertMsg .= "Account deleted.";
    DBDisconnect();
  }
You are right. I'll try to fix this asap.
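A hardened form of the quoted DELETE, as an added example that is not the project's code or either poster's: the values are bound as parameters, so they never become part of the SQL text and the result does not depend on server escaping settings. It assumes PDO with an in-memory SQLite database; `deleteAccount()` and the sample rows are hypothetical, and only the table and column names come from the quoted query.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: deletes the account only when all four fields match.
function deleteAccount(PDO $db, array $in): int
{
    // Every field must be present as a plain string; array-valued
    // parameters such as ?username[]=x are rejected.
    foreach (['delete_id', 'username', 'password', 'email'] as $key) {
        if (!isset($in[$key]) || !is_string($in[$key])) {
            return 0;
        }
    }
    // The id is expected to be numeric, so anything else is refused early.
    if (!ctype_digit($in['delete_id'])) {
        return 0;
    }
    // Placeholders keep the request values out of the SQL text entirely.
    $stmt = $db->prepare(
        'DELETE FROM users WHERE id = :id AND username = :username
         AND password = :password AND email = :email'
    );
    $stmt->execute([
        ':id'       => $in['delete_id'],
        ':username' => $in['username'],
        ':password' => $in['password'],
        ':email'    => $in['email'],
    ]);
    return $stmt->rowCount();   // number of rows actually deleted
}

// Constructed sample data (assumption: schema mirrors the quoted query).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT,
                               password TEXT, email TEXT)');
$db->exec("INSERT INTO users VALUES (1, 'alice', 'pw-a', 'alice@example.test'),
                                    (2, 'bob',   'pw-b', 'bob@example.test')");

// Constructed request whose fields contain quote characters.
$quoted = ['delete_id' => '1', 'username' => 'alice',
           'password'  => "x' OR '1'='1", 'email' => "x' OR '1'='1"];
// Constructed request carrying the correct values for user 1.
$valid  = ['delete_id' => '1', 'username' => 'alice',
           'password'  => 'pw-a', 'email' => 'alice@example.test'];

echo 'quoted input deleted: ', deleteAccount($db, $quoted), PHP_EOL; // 0
echo 'valid input deleted:  ', deleteAccount($db, $valid), PHP_EOL;  // 1
echo 'rows remaining:       ',
     $db->query('SELECT COUNT(*) FROM users')->fetchColumn(), PHP_EOL; // 1
```

In the quoted snippet "Account deleted." is appended unconditionally; checking the returned row count lets the page report only deletions that actually happened.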