Remove unrequired trim & strip tags - only needs sql escape

2026-02-28 19:04:52 +00:00 · 2023-01-02 14:31:29 +00:00
parent 2454961389
commit 8687f56eb0
1 changed files with 1 additions and 1 deletions
--- a/api/v1/clients/read.php
+++ b/api/v1/clients/read.php
@@ -11,7 +11,7 @@ if (isset($_GET['client_id'])) {

 // Specific client via name (single)
 elseif (isset($_GET['client_name'])) {
-    $name = trim(strip_tags(mysqli_real_escape_string($mysqli, $_GET['client_name'])));
+    $name = mysqli_real_escape_string($mysqli, $_GET['client_name']);
    $sql = mysqli_query($mysqli, "SELECT * FROM clients WHERE client_name = '$name' AND client_id LIKE '$client_id' AND company_id = '$company_id'");
 }