Fixed a SQL injection

pull/1/head
root 16 years ago
parent f6ef0f445c
commit a71504fc3a

@ -53,7 +53,7 @@
showfooter();
exit;
} else if($id == 51 && $_GET['img'] == "show") {
$query = "select * from `tverify` where `id`='".$_GET['photoid']."' and `modified`=0";
$query = "select * from `tverify` where `id`='".intval($_GET['photoid'])."' and `modified`=0";
$res = mysql_query($query);
if(mysql_num_rows($res))
{

Loading…
Cancel
Save