diff --git a/www/analyse.php b/www/analyse.php index 1b277b2..73fb23a 100644 --- a/www/analyse.php +++ b/www/analyse.php @@ -24,7 +24,7 @@ if($_POST['csr'] == "") { ?> -
Please paste the PEM encoded certificate signing request you would like to analyze in the text area below:
">
"._("You have opted to accept this dispute and the request will now remove this email address from the existing account, and revoke any current certificates.")."
"._("The following accounts have been removed:")."\n"; - $query = "select * from `email` where `id`='$emailid' and deleted=0"; + $query = "select * from `email` where `id`='".intval($emailid)."' and deleted=0"; $res = mysql_query($query); if(mysql_num_rows($res) > 0) { @@ -64,10 +64,10 @@ group by `emailcerts`.`id`"; $dres = mysql_query($query); while($drow = mysql_fetch_assoc($dres)) - mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$drow['id']."'"); + mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($drow['id'])."'"); $do = `../scripts/runclient`; - $query = "update `email` set `deleted`=NOW() where `id`='$emailid'"; + $query = "update `email` set `deleted`=NOW() where `id`='".intval($emailid)."'"; mysql_query($query); } mysql_query("update `disputeemail` set hash='',action='accept' where `id`='$emailid'");