AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-02 11:54:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

SQL Escape client name field to prevent potentially breaking SQL queries

Browse Source
This commit is contained in:
Marcus Hill
2023-01-02 15:06:51 +00:00
parent d86285aafd
commit fcdeee6321
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cron.php
View File

@@ -225,7 +225,7 @@ while($row = mysqli_fetch_array($sql_companies)){
$invoice_amount = $row['invoice_amount']; $invoice_amount = $row['invoice_amount'];
$invoice_currency_code = $row['invoice_currency_code']; $invoice_currency_code = $row['invoice_currency_code'];
$client_id = $row['client_id']; $client_id = $row['client_id'];
$client_name = $row['client_name']; $client_name = mysqli_real_escape_string($mysqli,$row['client_name']);
$contact_name = $row['contact_name']; $contact_name = $row['contact_name'];
$contact_email = $row['contact_email']; $contact_email = $row['contact_email'];