~andy-freeborough/sahana-agasti/krakatoa

Viewing all changes in revision 3814.

  • Committer: Andy Freeborough
  • Date: 2011-02-12 16:04:03 UTC
  • Revision ID: andy@freeborough.com-20110212160403-zr3ayforpbzpagnc
Updated xml.php to use bound parameters when making database queries rather than building sql query strings containing the values.  This removes all possibility of an sql injection attack from xml.php.

NOTE: Other areas of the system other than xml.php may still be vulnerable.

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: