Skip to content
Snippets Groups Projects
Commit f71f1a82 authored by Nigel Kukard's avatar Nigel Kukard
Browse files

Properly quote MySQL query

Thanks Johan Smith

Change-Id: I53b8f2c9d7612f6c15da1900abbd219d80dc1f1d
parent 41460b76
No related branches found
No related tags found
No related merge requests found
......@@ -110,19 +110,34 @@ foreach($domains as $domain) {
# This is the template we going to use below for our updates
$querytemplate = "UPDATE tbldomains SET status = %s, registrationdate = %s, expirydate = %s, nextduedate = %s WHERE domain = %s";
$querytemplate = "UPDATE tbldomains SET status = '%s', registrationdate = '%s', expirydate = '%s', nextduedate = '%s' WHERE domain = '%s'";
# Check status and update
if ($statusres == "ok") {
mysql_query(sprintf($querytemplate,"Active",$createdate,$nextduedate,$nextduedate,$domain));
mysql_query(sprintf($querytemplate,"Active",
mysql_real_escape_string($createdate),
mysql_real_escape_string($nextduedate),
mysql_real_escape_string($nextduedate),
mysql_real_escape_string($domain)
));
echo "Updated $domain expiry to $nextduedate\n";
} elseif ($statusres == "serverHold") {
mysql_query(sprintf($querytemplate,"Pending",$createdate,$nextduedate,$nextduedate,$domain));
mysql_query(sprintf($querytemplate,"Pending",
mysql_real_escape_string($createdate),
mysql_real_escape_string($nextduedate),
mysql_real_escape_string($nextduedate),
mysql_real_escape_string($domain)
));
echo "Domain $domain is PENDING (Registration: $createdate, Expiry: $nextduedate)\n";
} elseif ($statusres == "expired") {
mysql_query(sprintf($querytemplate,"Expired",$createdate,$nextduedate,$nextduedate,$domain));
mysql_query(sprintf($querytemplate,"Expired",
mysql_real_escape_string($createdate),
mysql_real_escape_string($nextduedate),
mysql_real_escape_string($nextduedate),
mysql_real_escape_string($domain)
));
echo "Domain $domain is EXPIRED (Registration: $createdate, Expiry: $nextduedate)\n";
} else {
echo "Domain $domain has unknown status '$statusres' (File a bug report here: http://devlabs.linuxassist.net/projects/whmcs-coza-epp/issues/new)\n";
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment