mirror of
https://github.com/renbaoshuo/S2OJ.git
synced 2024-11-22 12:58:40 +00:00
fix: escape realname
This commit is contained in:
parent
09d4fa0515
commit
5253b23848
@ -38,7 +38,7 @@
|
|||||||
$register_form->handle = function() {
|
$register_form->handle = function() {
|
||||||
$new_username = $_POST['new_username'];
|
$new_username = $_POST['new_username'];
|
||||||
$new_password = $_POST['new_password'];
|
$new_password = $_POST['new_password'];
|
||||||
$new_realname = $_POST['new_realname'];
|
$new_realname = DB::escape($_POST['new_realname']);
|
||||||
$new_password = hash_hmac('md5', $new_password, getPasswordClientSalt());
|
$new_password = hash_hmac('md5', $new_password, getPasswordClientSalt());
|
||||||
$new_password = getPasswordToStore($new_password, $new_username);
|
$new_password = getPasswordToStore($new_password, $new_username);
|
||||||
$svn_pw = uojRandString(10);
|
$svn_pw = uojRandString(10);
|
||||||
@ -99,7 +99,7 @@
|
|||||||
);
|
);
|
||||||
$change_realname_form->handle = function() {
|
$change_realname_form->handle = function() {
|
||||||
$r_username = $_POST['r_username'];
|
$r_username = $_POST['r_username'];
|
||||||
$r_realname = $_POST['r_realname'];
|
$r_realname = DB::escape($_POST['r_realname']);
|
||||||
|
|
||||||
DB::query("update user_info set realname = '$r_realname' where username = '$r_username'");
|
DB::query("update user_info set realname = '$r_realname' where username = '$r_username'");
|
||||||
};
|
};
|
||||||
|
Loading…
Reference in New Issue
Block a user