From 5b2702ac0a9ba1b5f52fd88546676c16cc601a63 Mon Sep 17 00:00:00 2001
From: Henoch Einbier <axcessor@hotmail.com>
Date: Sat, 26 Oct 2019 00:11:10 +0300
Subject: [PATCH] Update userprofil.php -secured PDO queries with bindParam
---
 content/konto/userprofil.php | 97 ++++++++++++++++++++++++++----------
 1 file changed, 72 insertions(+), 25 deletions(-)
diff --git a/content/konto/userprofil.php b/content/konto/userprofil.php
index 6001f2b..3f5c30b 100644
--- a/content/konto/userprofil.php
+++ b/content/konto/userprofil.php
@@ -14,20 +14,37 @@ if (!isset($mailstatus)) $mailstatus = "";
 if (!isset($delchange)) $delchange = "";
 if ($_POST['acc_del'] == 'Jetzt löschen!' && $_POST['del_passwort']) {
- $schnittstelle = mysql_fetch_array(db_query("SELECT `passwort` FROM " . _VMS_ . "_kontodaten LIMIT 1")) or die("Userinfo");
+ $sql = sql::$db->query("SELECT `passwort` FROM " . _VMS_ . "_kontodaten LIMIT 1") or die("Userinfo");
+ $schnittstelle = $sql->fetch();
 if ($schnittstelle['passwort'] != md5($_GET['del_passwort'])) {
 echo 'Passwort falsch';
 } else {
 $sperrzeit = time() + (86400 * 30);
- db_query("DELETE FROM " . _VMS_ . "_kontodaten WHERE uid=" . $_SESSION['uid'] . "");
- db_query("DELETE FROM " . _VMS_ . "_emaildaten WHERE uid=" . $_SESSION['uid'] . "");
- db_query("DELETE FROM " . _VMS_ . "_userdaten WHERE uid=" . $_SESSION['uid'] . "");
- db_query("DELETE FROM " . _VMS_ . "_werberdaten WHERE uid=" . $_SESSION['uid'] . "");
- db_query("UPDATE " . _VMS_ . "_werberdaten SET werber = 0 WHERE werber=" . $_SESSION['uid'] . "");
- db_query ('DELETE FROM ' . _VMS_ . '_admin_abuse WHERE uid = ' . $_SESSION['uid']);
- db_query ('DELETE FROM vms_buchungen WHERE uid = ' . $_SESSION['uid']);
- db_query ('DELETE FROM vms_reloads WHERE uid = ' . $_SESSION['uid']);
- db_query ('DELETE FROM vms_schnittstelle_anfragen WHERE uid = ' . $_SESSION['uid']);
+ $sql = sql::$db->prepare("DELETE FROM " . _VMS_ . "_kontodaten WHERE uid=:session_uid");
+ $sql -> bindParam(':session_uid', $_SESSION['uid'], PDO::PARAM_INT);
+ $sql -> execute();
+ $sql = sql::$db->prepare("DELETE FROM " . _VMS_ . "_emaildaten WHERE uid=:session_uid");
+ $sql -> bindParam(':session_uid', $_SESSION['uid'], PDO::PARAM_INT);
+ $sql -> execute();
+ $sql = sql::$db->prepare("DELETE FROM " . _VMS_ . "_userdaten WHERE uid=:session_uid");
+ $sql -> bindParam(':session_uid', $_SESSION['uid'], PDO::PARAM_INT);
+ $sql -> execute();
+ $sql = sql::$db->prepare("DELETE FROM " . _VMS_ . 
"_werberdaten WHERE uid=:session_uid");
+ $sql -> bindParam(':session_uid', $_SESSION['uid'], PDO::PARAM_INT);
+ $sql -> execute();
+ $sql = sql::$db->prepare("UPDATE " . _VMS_ . "_werberdaten SET werber = 0 WHERE werber=:session_uid");
+ $sql -> bindParam(':session_uid', $_SESSION['uid'], PDO::PARAM_INT);
+ $sql -> execute();
+ //db_query ('DELETE FROM ' . _VMS_ . '_admin_abuse WHERE uid = ' . $_SESSION['uid']); //tabelle existiert nicht
+ $sql = sql::$db->prepare("DELETE FROM " . _VMS_ . "_buchungen WHERE uid=:session_uid");
+ $sql -> bindParam(':session_uid', $_SESSION['uid'], PDO::PARAM_INT);
+ $sql -> execute();
+ $sql = sql::$db->prepare("DELETE FROM " . _VMS_ . "_reloads WHERE uid=:session_uid");
+ $sql -> bindParam(':session_uid', $_SESSION['uid'], PDO::PARAM_INT);
+ $sql -> execute();
+ $sql = sql::$db->prepare("DELETE FROM " . _VMS_ . "_schnittstelle_anfragen WHERE uid=:session_uid");
+ $sql -> bindParam(':session_uid', $_SESSION['uid'], PDO::PARAM_INT);
+ $sql -> execute();
 echo '<meta http-equiv="refresh" content="0; URL=http://' . $_SERVER['HTTP_HOST'] . '/?content=/intern/startseite&logout=true">';
 }
 }
@@ -37,7 +54,10 @@ if ($_POST['aendern'] == 'Jetzt ändern!') {
 if ($_POST['pwd'] && $_POST['pwd2']) {
 if ($_POST['pwd'] == $_POST['pwd2']) {
 if (strlen($_POST['pwd']) >= 8) {
- db_query("UPDATE " . _VMS_ . "_kontodaten SET passwort = '" . md5($_POST['pwd']) . "' WHERE uid=" . $_SESSION['uid'] . "");
+ $sql = sql::$db->prepare("UPDATE " . _VMS_ . "_kontodaten SET passwort = :pass WHERE uid = :session_uid");
+ $sql -> bindParam(':pass', md5($_POST['pwd']), PDO::PARAM_STR);
+ $sql -> bindParam(':session_uid', $_SESSION['uid'], PDO::PARAM_INT);
+ $sql -> execute();
 echo '<meta http-equiv="refresh" content="0; URL=http://' . $_SERVER['HTTP_HOST'] . '/?content=/intern/startseite&logout=true">';
 // $change .= 'Das Passwort wurde geändert!<br><b><font color="#FF0000">Bitte logge Dich jetzt aus und wieder neu ein!</font></b><br>';
 } else {
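Review bot: The rewritten lookup `$sql = sql::$db->query("SELECT `passwort` FROM " . _VMS_ . "_kontodaten LIMIT 1")` still carries no `WHERE uid` clause, so the deletion password is checked against whichever row the table returns first rather than the logged-in user's hash, while every other statement in this hunk filters on `:session_uid`. It should be a prepared statement with the same binding, `$sql = sql::$db->prepare("SELECT passwort FROM " . _VMS_ . "_kontodaten WHERE uid = :session_uid LIMIT 1"); $sql->bindParam(':session_uid', $_SESSION['uid'], PDO::PARAM_INT); $sql->execute();`, and a `false` result from `fetch()` should be handled before `$schnittstelle['passwort']` is read. The comparison on the next context line reads `$_GET['del_passwort']` although the enclosing condition tests `$_POST['del_passwort']`, and it uses loose `!=` on the hash; the line is untouched by the commit, but `hash_equals()` against the posted value appears to be what was intended.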
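Review bot: `$sql -> bindParam(':pass', md5($_POST['pwd']), PDO::PARAM_STR);` passes a function result to a by-reference parameter; `bindParam` binds a variable reference and PHP reports "Only variables should be passed by reference" for an expression, so the hash may not be bound as intended. Use `$sql->bindValue(':pass', md5($_POST['pwd']), PDO::PARAM_STR);` or assign the hash to a local variable first. The hunk keeps unsalted `md5` as the stored password form; `password_hash()` here with `password_verify()` at the verification sites would be the standard replacement, though those sites are outside this hunk. The enclosing `if ($_POST['aendern'] ...)` block starts and ends outside the hunk.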
@@ -51,15 +71,24 @@ if ($_POST['aendern'] == 'Jetzt ändern!') {
 // Nickname ändern beginn !
 if ($_POST['aendern'] == 'Jetzt ändern!') {
 if (isset ($_POST['nickname'])) {
- $nickname = mysql_real_escape_string(ucfirst($_POST['nickname']));
- $nickname_check = db_query ("SELECT `nickname` FROM " . _VMS_ . "_userdaten WHERE nickname='" . $nickname . "'");
- $nickname_check2 = db_query ("SELECT `nickname` FROM " . _VMS_ . "_userdaten WHERE nickname='" . $nickname . "'AND uid=" . $_SESSION['uid'] . "");
- if (mysql_num_rows($nickname_check))
- if (mysql_num_rows($nickname_check2)) {
+ $nickname = ucfirst($_POST['nickname']);
+ $nickname_check = sql::$db->prepare("SELECT `nickname` FROM " . _VMS_ . "_userdaten WHERE nickname = :nickname");
+ $nickname_check -> bindParam(':nickname', $nickname, PDO::PARAM_STR);
+ $nickname_check -> execute();
+ $nickname_check2 = sql::$db->prepare("SELECT `nickname` FROM " . _VMS_ . "_userdaten WHERE nickname = :nickname AND uid = :session_uid");
+ $nickname_check2 -> bindParam(':nickname', $nickname, PDO::PARAM_STR);
+ $nickname_check2 -> bindParam(':session_uid', $_SESSION['uid'], PDO::PARAM_STR);
+ $nickname_check2 -> execute();
+
+ if ($nickname_check->rowCount() )
+ if ($nickname_check2->rowCount() ) {
 } else {
 $change = 'Dieser Nickname ist schon vergeben!<br>';
 } else {
- db_query("UPDATE " . _VMS_ . "_userdaten SET nickname = '" . $nickname . "' WHERE uid=" . $_SESSION['uid'] . "");
+ $sql = sql::$db->prepare("UPDATE " . _VMS_ . "_userdaten SET nickname = :nickname WHERE uid = :session_uid");
+ $sql -> bindParam(':nickname', $nickname, PDO::PARAM_STR);
+ $sql -> bindParam(':session_uid', $_SESSION['uid'], PDO::PARAM_STR);
+ $sql -> execute();
 }
 }
 }
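Review bot: Both `bindParam(':session_uid', $_SESSION['uid'], PDO::PARAM_STR)` calls in this hunk bind the uid as a string, whereas every other uid binding in the patch uses `PDO::PARAM_INT`; the column is compared numerically, so `PDO::PARAM_INT` should be used here too. The `if ($nickname_check->rowCount() )` test relies on `PDOStatement::rowCount()` for a SELECT, which PDO documents as driver-dependent; `$nickname_check->fetchColumn() !== false` or a `SELECT COUNT(*)` is the portable form. The brace-less `if` nested inside `if ($nickname_check->rowCount() )` is kept from the old code and makes the dangling `else` branches hard to follow; braces on both levels would make the intended structure explicit. The enclosing `if ($_POST['aendern'] ...)` block starts outside the hunk.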
@@ -71,13 +100,23 @@ if ($_POST['aendern'] == 'Jetzt ändern!') {
 if ($_POST['newsletter'] == 0 and $_POST['paidmails'] == 1) $mailstatus = 2;
 if ($_POST['newsletter'] == 1 and $_POST['paidmails'] == 1) $mailstatus = 3;
 $_POST['max_forced'] = (int)$_POST['max_forced'];
- db_query("UPDATE " . _VMS_ . "_emaildaten SET freigabe_fuer = " . $mailstatus . ", emailadresse = '" . $_POST['emailadresse'] . "' WHERE uid=" . $_SESSION['uid'] . "");
- db_query("UPDATE " . _VMS_ . "_userdaten SET max_forced = '" . $_POST['max_forced'] . "' WHERE uid=" . $_SESSION['uid'] . "");
+ $sql = sql::$db->prepare("UPDATE " . _VMS_ . "_emaildaten SET freigabe_fuer = :mailstatus, emailadresse = :emailadresse WHERE uid = :session_uid");
+ $sql -> bindParam(':mailstatus', $mailstatus, PDO::PARAM_INT);
+ $sql -> bindParam(':emailadresse', $_POST['emailadresse'], PDO::PARAM_STR);
+ $sql -> bindParam(':session_uid', $_SESSION['uid'], PDO::PARAM_INT);
+ $sql -> execute();
+ $sql = sql::$db->prepare("UPDATE " . _VMS_ . "_userdaten SET max_forced = :max_forced WHERE uid = :session_uid");
+ $sql -> bindParam(':max_forced', $_POST['max_forced'], PDO::PARAM_STR);
+ $sql -> bindParam(':session_uid', $_SESSION['uid'], PDO::PARAM_INT);
+ $sql -> execute();
 $change .= 'Deine Daten wurden aktualisiert!<br>';
 }
 }
- $sql = sql::$db->query("SELECT u.*,e.emailadresse,e.freigabe_fuer FROM " . _VMS_ . "_userdaten AS u LEFT JOIN " . _VMS_ . "_emaildaten AS e ON e.uid=u.uid WHERE u.uid=" . $_SESSION['uid'] . " LIMIT 1");
+ $sql = sql::$db->prepare("SELECT u.*,e.emailadresse,e.freigabe_fuer FROM " . _VMS_ . "_userdaten AS u LEFT JOIN " . _VMS_ . "_emaildaten AS e ON e.uid=u.uid WHERE u.uid = :session_uid LIMIT 1");
+ $sql -> bindParam(':session_uid', $_SESSION['uid'], PDO::PARAM_INT);
+ $sql -> execute();
+ $info = $sql->fetch();
 if ($info['freigabe_fuer'] == 0) {
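Review bot: `$sql -> bindParam(':max_forced', $_POST['max_forced'], PDO::PARAM_STR);` binds a value that the preceding context line has just cast with `(int)`, so `PDO::PARAM_INT` is the matching type, as already used for `:mailstatus` and `:session_uid` in the same hunk. `$_POST['emailadresse']` is bound without validation; the prepared statement removes the injection risk but still stores any string in `emailadresse`, so a `filter_var($_POST['emailadresse'], FILTER_VALIDATE_EMAIL)` check before the UPDATE is worth adding (its absence predates this commit). The new `$info = $sql->fetch();` is `false` when no row exists and the following `$info['freigabe_fuer']` then indexes a non-array; a guard such as `if ($info === false) { $info = []; }` or an explicit error path would cover that. The enclosing block starts outside the hunk.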
@@ -184,7 +223,10 @@ die Paidmails wenn Du keine haben möchtest!<br>
 head("Externe Konten");
 if (isset($_POST['veri'])) {
- $schnittstelle = mysql_fetch_array(db_query("SELECT * FROM " . _VMS_ . "_schnittstelle WHERE schnittstelle='" . $_POST['schnittstelle'] . "' AND aktiv > 0 LIMIT 1"));
+ $sql = sql::$db->prepare("SELECT * FROM " . _VMS_ . "_schnittstelle WHERE schnittstelle = :schnittstelle AND aktiv > 0 LIMIT 1");
+ $sql -> bindParam(':schnittstelle', $_POST['schnittstelle'], PDO::PARAM_STR);
+ $sql -> execute();
+ $schnittstelle = $sql->fetch();
 // User beim Betreiber prüfen
 $sql = sql::$db->prepare("INSERT INTO " . _VMS_ . "_schnittstelle_anfragen (zeit,uid) VALUES (?,?)");
 $sql->execute(array( $tag, $_SESSION['uid'] ));
@@ -193,12 +235,14 @@ die Paidmails wenn Du keine haben möchtest!<br>
 $error = $trans_ausgabe;
 print_r($error);
 if (!$error) {
- $sql = sql::$db->prepare("INSERT INTO " . _VMS_ . "_multi_konten (uid, kontoid, waehrung) VALUES(?,?,?) ON DUPLICATE KEY UPDATE kontoid='" . $_POST['veri_id'] . "'");
- $sql->execute(array( $_SESSION['uid'], $_POST['veri_id'], $_POST['schnittstelle'] ));
+ $sql = sql::$db->prepare("INSERT INTO " . _VMS_ . "_multi_konten (uid, kontoid, waehrung) VALUES(?,?,?) ON DUPLICATE KEY UPDATE kontoid=?");
+ $sql->execute(array( $_SESSION['uid'], $_POST['veri_id'], $_POST['schnittstelle'], $_POST['veri_id'] ));
 }
 }
- $moeglichkeiten_q = sql::$db->query('SELECT schnittstelle FROM ' . _VMS_ . '_schnittstelle WHERE aktiv > 0 AND schnittstelle NOT IN (SELECT waehrung AS schnittstelle FROM vms_multi_konten WHERE uid=' . $_SESSION['uid'] . ')');
+ $moeglichkeiten_q = sql::$db->prepare('SELECT schnittstelle FROM ' . _VMS_ . '_schnittstelle WHERE aktiv > 0 AND schnittstelle NOT IN (SELECT waehrung AS schnittstelle FROM vms_multi_konten WHERE uid = :session_uid)');
+ $moeglichkeiten_q -> bindParam(':session_uid', $_SESSION['uid'], PDO::PARAM_INT);
+ $moeglichkeiten_q -> execute();
 ?>
 <form action="" method="post">
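Review bot: `$schnittstelle = $sql->fetch();` yields `false` when no active row matches `$_POST['schnittstelle']`, and nothing in the hunk checks that before the request is recorded with the `INSERT INTO ... _schnittstelle_anfragen` on the following context line; the later uses of `$schnittstelle` are outside the hunk, so I cannot see whether they guard it. A check such as `if ($schnittstelle === false) { $error = 'Unbekannte Schnittstelle'; }` directly after the fetch, with the insert skipped on error, would stop an unknown interface name from being processed further. The enclosing `if (isset($_POST['veri']))` block continues past the hunk.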
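Review bot: The new `$moeglichkeiten_q` statement still hard-codes the table name `vms_multi_konten` in its subquery, whereas the INSERT a few lines above uses `_VMS_ . "_multi_konten"`; the `$veri` query in the `-230,7` hunk repeats the same hard-coded name. Both should read `' . _VMS_ . '_multi_konten` so the prefix constant is honoured everywhere the patch touches. In the INSERT, `ON DUPLICATE KEY UPDATE kontoid=?` with `$_POST['veri_id']` bound a second time works, but `ON DUPLICATE KEY UPDATE kontoid = VALUES(kontoid)` expresses the same without the duplicated parameter. The `print_r($error);` context line writes the raw error to the page; it is unchanged by the commit but looks like leftover debugging output.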
@@ -230,7 +274,10 @@ die Paidmails wenn Du keine haben möchtest!<br>
 Bereits verifiziert:<br />
 <table>
 <?php
- $veri = sql::$db->query('SELECT * FROM vms_multi_konten WHERE uid=' . $_SESSION['uid'] . '');
+ $veri = sql::$db->prepare('SELECT * FROM vms_multi_konten WHERE uid=:session_uid');
+ $veri -> bindParam(':session_uid', $_SESSION['uid'], PDO::PARAM_INT);
+ $veri -> execute();
+ while ($verid = $veri->fetch() ) {
 ?>
 <tr>
 <td><?php echo $verid['waehrung']; ?>:</td>
-- 
GitLab