From 654e9b6204785d1117bfd134baa1cafdf5471b1a Mon Sep 17 00:00:00 2001
From: Henoch Einbier <axcessor@hotmail.com>
Date: Sat, 26 Oct 2019 00:08:56 +0300
Subject: [PATCH] Update refuebersicht.php -secured PDO queries with bindParam

---
 content/konto/refuebersicht.php | 20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/content/konto/refuebersicht.php b/content/konto/refuebersicht.php
index d19d034..d82752c 100644
--- a/content/konto/refuebersicht.php
+++ b/content/konto/refuebersicht.php
@@ -1,14 +1,16 @@
 <?php userstatus();
-
+$count = 0;
 $ebene_1 = false;
 $ebene_2 = false;
 $ebene_3 = false;
 
-$ebene1 = sql::$db->query("SELECT werber.*, u.nickname, k.last_active FROM
+$ebene1 = sql::$db->prepare("SELECT werber.*, u.nickname, k.last_active FROM
                          "._VMS_."_werberdaten AS werber
                          LEFT JOIN "._VMS_."_userdaten AS u ON u.uid = werber.uid
                          LEFT JOIN "._VMS_."_kontodaten AS k ON k.uid = werber.uid
-                   WHERE werber.werber=".$_SESSION['uid']." ORDER BY u.nickname ASC");
+                   WHERE werber.werber=:session_uid ORDER BY u.nickname ASC");
+$ebene1 -> bindParam(':session_uid', $_SESSION['uid'], PDO::PARAM_INT);
+$ebene1 -> execute();
 
 if ($ebene1->rowCount() ){
    while ($user1 = $ebene1->fetchAll() ){
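Review bot: Neither the return value of the new `prepare()` call nor that of `execute()` is checked, so unless `sql::$db` is configured with `PDO::ERRMODE_EXCEPTION` (not visible in this hunk) a failed prepare leaves `$ebene1` as `false` and the `bindParam` call on the next line is a fatal method call on a non-object; the old `query()` form had the same gap, but the two-step form doubles the failure points. The bound value is not modified between bind and execute, so `bindValue()` states the intent better than the by-reference `bindParam()`: `$ebene1->bindValue(':session_uid', (int) $_SESSION['uid'], PDO::PARAM_INT);`. The added `$count = 0;` is not referenced anywhere in this patch; if it is used further down the file a short comment naming its purpose would help, otherwise it reads as a leftover. With the MySQL driver's default emulated prepares the placeholder is still substituted client-side, so `PDO::ATTR_EMULATE_PREPARES => false` on the connection would turn these into true server-side prepared statements. The `while` loop opened on the last line continues outside the hunk.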
@@ -30,11 +32,13 @@ if ($ebene1->rowCount() ){
         <td align="center">'.$refstatus.'</td>
     </tr>
     ';
-$ebene2 = sql::$db->query("SELECT werber.*, u.nickname, k.last_active FROM
+$ebene2 = sql::$db->prepare("SELECT werber.*, u.nickname, k.last_active FROM
                          "._VMS_."_werberdaten AS werber
                          LEFT JOIN "._VMS_."_userdaten AS u ON u.uid = werber.uid
                          LEFT JOIN "._VMS_."_kontodaten AS k ON k.uid = werber.uid
-                   WHERE werber.werber=".$user1['uid']." ORDER BY u.nickname ASC");
+                   WHERE werber.werber=:user1_uid ORDER BY u.nickname ASC");
+$ebene2 -> bindParam(':user1_uid', $user1['uid'], PDO::PARAM_INT);
+$ebene2 -> execute();
 
       while ($user2 = $ebene2->fetchAll() ){
       $ebene_2 = true;
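Review bot: The new `bindParam(':user1_uid', $user1['uid'], PDO::PARAM_INT)` binds a key that ordinarily does not exist: `$user1` is assigned from `$ebene1->fetchAll()` in the enclosing `while` (which starts outside this hunk), and `fetchAll()` returns the whole result set as a list of rows, so `$user1['uid']` is undefined unless `sql::$db` wraps PDO with a single-row `fetchAll()`; taking it by reference silently creates the key as `null`, so the level-2 query is likely executed with a NULL parameter and matches nothing. The interpolated old line had the same flaw, so this is pre-existing rather than introduced here, but the loop should iterate with `fetch()` (or over the `fetchAll()` result) so that `$user1` is one row. The level-3 query in the next hunk has the same problem, binding `$user2['uid']` from `$ebene2->fetchAll()`. Since the statement is prepared inside the loop over level-1 users, preparing it once before the loop and calling `bindValue()` + `execute()` per iteration would also avoid re-preparing identical SQL for every row.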
@@ -55,11 +59,13 @@ $ebene2 = sql::$db->query("SELECT werber.*, u.nickname, k.last_active FROM
       </tr>
       ';
 
-$ebene3 = sql::$db->query("SELECT werber.*, u.nickname, k.last_active FROM
+$ebene3 = sql::$db->prepare("SELECT werber.*, u.nickname, k.last_active FROM
                          "._VMS_."_werberdaten AS werber
                          LEFT JOIN "._VMS_."_userdaten AS u ON u.uid = werber.uid
                          LEFT JOIN "._VMS_."_kontodaten AS k ON k.uid = werber.uid
-                   WHERE werber.werber=".$user2['uid']." ORDER BY u.nickname ASC");
+                   WHERE werber.werber=:user2_uid ORDER BY u.nickname ASC");
+$ebene3 -> bindParam(':user2_uid', $user2['uid'], PDO::PARAM_INT);
+$ebene3 -> execute();
 
         while ($user3 = $ebene3->fetchAll() ){
         $ebene_3 = true;
-- 
GitLab