chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

[svn r21108] Fixed vulnerable get parameter: student and course - partial FS#4261

Browse Source
skala
Cristian Fasanando 17 years ago
parent f9e87aed50
commit f2192ca081
1 changed files with 3 additions and 3 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 6
      main/mySpace/access_details.php

6
main/mySpace/access_details.php
Unescape View File

@ -123,8 +123,8 @@ function calculHours($seconds)
}
/* MAIN */
$user_id = Database::escape_string($_REQUEST['student']);
$course_code=Database::escape_string($_REQUEST['course']);
$user_id = Security::remove_XSS($_REQUEST['student']);
$course_code=Security::remove_XSS($_REQUEST['course']);
include_once(api_get_path(LIBRARY_PATH).'pchart/pData.class.php');
include_once(api_get_path(LIBRARY_PATH).'pchart/pChart.class.php');
@ -280,7 +280,7 @@ $(function() {
Display :: display_header('');
$TBL_USERINFO_DEF = Database :: get_course_table(TABLE_USER_INFO);
$mainUserInfo = api_get_user_info($user_id, $course_code);
$mainUserInfo = api_get_user_info($user_id);
$result_to_print = '';
$main_date_array = array();

Write Preview
Loading…
Cancel
Save