Added SQL Injection prevention

The hash does not work with most email clients, needs more testing
16 years ago · 16d7b35bae
parent a8ca38dcaf
commit 16d7b35bae
1 changed files with 2 additions and 2 deletions
--- a/www/index.php
+++ b/www/index.php
@ -117,7 +117,7 @@
 				$_SESSION['_config']['errmsg'] = sprintf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
 			} else {
 				$query = "update `users` set `password`=sha1('".$_SESSION['lostpw']['pw1']."')
-						where `id`='".$_SESSION['lostpw']['user']['id']."'";
+						where `id`='".intval($_SESSION['lostpw']['user']['id'])."'";
 				mysql_query($query) || die(mysql_error());
 				showheader(_("Welcome to CAcert.org"));
 				echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
@ -538,7 +538,7 @@
 			mysql_query($query);

 			$body = _("Thanks for signing up with CAcert.org, below is the link you need to open to verify your account. Once your account is verified you will be able to start issuing certificates till your hearts' content!")."\n\n";
-			$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash&lang=".$_SESSION['_config']['language']."\n\n";
+			$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n"; //."&"."lang=".$_SESSION['_config']['language']."\n\n";
 			$body .= _("Best regards")."\n"._("CAcert.org Support!");

 			sendmail($_SESSION['signup']['email'], "[CAcert.org] "._("Mail Probe"), $body, "support@cacert.org", "", "", "CAcert Support");