AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-02-28 10:54:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fixed password issue causing SQL escape characters to add slashes remove mysqli_real_escape_string as its not needs, md5 produces no sql escape characters by default so it it does not need santized

Browse Source
This commit is contained in:
johnny@pittpc.com
2019-09-24 14:52:53 -04:00
parent 37270183c5
commit bc61b59244
3 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
setup.php
View File

@@ -132,7 +132,7 @@ if(isset($_POST['add_user'])){
$name = strip_tags(mysqli_real_escape_string($mysqli,$_POST['name']));
$email = strip_tags(mysqli_real_escape_string($mysqli,$_POST['email']));
$password = md5(mysqli_real_escape_string($mysqli,$_POST['password']));
$password = md5($_POST['password']);
mysqli_query($mysqli,"INSERT INTO users SET name = '$name', email = '$email', password = '$password', created_at = NOW()");