Remove unrequired trim & strip tags - only needs sql escape

2023-01-02 14:32:17 +00:00 · 2023-01-02 14:32:17 +00:00 · 5a35f508c6
parent 8687f56eb0
commit 5a35f508c6
1 changed files with 1 additions and 1 deletions
--- a/api/v1/contacts/read.php
+++ b/api/v1/contacts/read.php
@ -11,7 +11,7 @@ if (isset($_GET['contact_id'])) {

 // Specific contact via email (single)
 elseif (isset($_GET['contact_email'])) {
-    $email = trim(strip_tags(mysqli_real_escape_string($mysqli, $_GET['contact_email'])));
+    $email = mysqli_real_escape_string($mysqli, $_GET['contact_email']);
    $sql = mysqli_query($mysqli, "SELECT * FROM contacts WHERE contact_email = '$email' AND contact_client_id LIKE '$client_id' AND company_id = '$company_id'");
 }