PHP Classes

Bug

Recommend this page to a friend!

      Table Simple  >  All threads  >  Bug  >  (Un) Subscribe thread alerts  
Subject:Bug
Summary:SQLi BUG
Messages:2
Author:Pablo
Date:2011-10-29 00:00:26
Update:2012-08-20 09:04:47
 

 


  1. Bug   Reply   Report abuse  
Picture of Pablo Pablo - 2011-10-29 00:00:26
BUG: Inyección SQL.
Linea 116: $this->pageToShow = $_GET["page"];

Solucion
Linea 116: $this->pageToShow = (int)$_GET["page"];

  2. Re: Bug   Reply   Report abuse  
Picture of alireza alireza - 2012-08-20 09:04:47 - In reply to message 1 from Pablo
to fix this before create the table fill 'page' variable in GET with nothing:
$_GET['page'] = "";