maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

fix execute of statement if variables != replacers in sql-prepare query

Browse Source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2013-11-04 22:23:49 +01:00
parent 4b900f9b8f
commit 661c081a77
2 changed files with 10 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
admin_phpsettings.php
View File

@@ -37,6 +37,7 @@ if ($page == 'overview') {
while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
$domainresult = false;
$query_params = array('id' => $row['id']);
$query = "SELECT * FROM `".TABLE_PANEL_DOMAINS."`
WHERE `phpsettingid` = :id
@@ -44,6 +45,7 @@ if ($page == 'overview') {
if ((int)$userinfo['domains_see_all'] == 0) {
$query .= " AND `adminid` = :adminid";
$query_params['adminid'] = $userinfo['adminid'];
}
if ((int)$settings['panel']['phpconfigs_hidestdsubdomain'] == 1) {
@@ -61,7 +63,7 @@ if ($page == 'overview') {
}
$domainresult_stmt = Database::prepare($query);
Database::pexecute($domainresult_stmt, array('id' => $id, 'adminid' => $userinfo['adminid']));
Database::pexecute($domainresult_stmt, $query_params);
$domains = '';
if (Database::num_rows() > 0) {