Skip to content
GitLab
Explore
Sign in
Register
Primary navigation
Search or go to…
Project
V
VMSone
Manage
Activity
Members
Labels
Plan
Issues
1
Issue boards
Milestones
Wiki
Code
Merge requests
0
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Operate
Environments
Monitor
Incidents
Service Desk
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Designerscripte
VMSone
Commits
af557357
Commit
af557357
authored
5 years ago
by
Henoch Einbier
Browse files
Options
Downloads
Patches
Plain Diff
Update aktivieren.php
-secured PDO query with bindParam
parent
9e5caba2
2 merge requests
!46
Release 3.0
,
!15
Update aktivieren.php
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
content/intern/aktivieren.php
+4
-2
4 additions, 2 deletions
content/intern/aktivieren.php
with
4 additions
and
2 deletions
content/intern/aktivieren.php
+
4
−
2
View file @
af557357
...
...
@@ -2,7 +2,9 @@
if
(
!
isset
(
$_GET
[
'ak'
]))
$_GET
[
'ak'
]
=
""
;
$_GET
[
'ak'
]
=
addslashes
(
$_GET
[
'ak'
]);
$sql
=
sql
::
$db
->
query
(
'SELECT * FROM '
.
_VMS_
.
'_aktivierungen WHERE ak = "'
.
$_GET
[
'ak'
]
.
'" LIMIT 1'
);
$sql
=
sql
::
$db
->
prepare
(
'SELECT * FROM '
.
_VMS_
.
'_aktivierungen WHERE ak = :ak LIMIT 1'
);
$sql
->
bindParam
(
':ak'
,
$_GET
[
'ak'
],
PDO
::
PARAM_STR
);
$sql
->
execute
();
$aktivierung
=
$sql
->
fetch
();
if
(
$aktivierung
)
{
...
...
@@ -13,7 +15,7 @@ if ($aktivierung) {
head
(
$system
[
'seitenname'
]
.
" - Accountaktivierung!"
);
echo
'Die Aktivierung Deines Accounts bei '
.
$system
[
'seitenname'
]
.
' war erfolgreich,
Du kannst Dich nun bei uns
einloggen und unser Angebot in vollem Umfang nutzen.<br>
Du kannst Dich nun bei uns einloggen und unser Angebot in vollem Umfang nutzen.<br>
<br>
Solltest Du Fehler auf unserer Webseite finden dann sende uns bitte eine Email
an <a href="mailto:'
.
$system
[
'betreibermail'
]
.
'" target="_blank">'
.
$system
[
'betreibermail'
]
.
'</a><br>
...
...
This diff is collapsed.
Click to expand it.
Preview
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment