[syslog] Added sql injection prevention

author: Jannik Schönartz 2017-11-23 14:16:38 +0100
committer: Jannik Schönartz 2017-11-23 14:16:38 +0100
commit: f691bfe4d8e0016229096609a279df469dc37f99 (patch)
tree: 36a3d92017349fc97e79a3e190245c5a13b114e6 /modules-available/syslog
parent: [statistics] Filter 'state' was missing in the client statistics filter (diff)
download: slx-admin-f691bfe4d8e0016229096609a279df469dc37f99.tar.gz
slx-admin-f691bfe4d8e0016229096609a279df469dc37f99.tar.xz
slx-admin-f691bfe4d8e0016229096609a279df469dc37f99.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/modules-available/syslog/page.inc.php b/modules-available/syslog/page.inc.php
index 46b62d5d..e026107f 100644
--- a/modules-available/syslog/page.inc.php
+++ b/modules-available/syslog/page.inc.php
@@ -54,7 +54,9 @@ class Page_SysLog extends Page
 				$whereClause .= ' WHERE ';
 			else
 				$whereClause .= ' AND ';
-			$whereClause .= "machineuuid='" . Request::get('machineuuid') . "'";
+
+			   $muid = Request::get('machineuid', '', string);
+				$whereClause .= "machineuuid='" . $muid . "'";
 		}
 		$today = date('d.m.Y');
 		$yesterday = date('d.m.Y', time() - 86400);
author	Jannik Schönartz	2017-11-23 14:16:38 +0100
committer	Jannik Schönartz	2017-11-23 14:16:38 +0100
commit	f691bfe4d8e0016229096609a279df469dc37f99 (patch)
tree	36a3d92017349fc97e79a3e190245c5a13b114e6 /modules-available/syslog
parent	[statistics] Filter 'state' was missing in the client statistics filter (diff)
download	slx-admin-f691bfe4d8e0016229096609a279df469dc37f99.tar.gz slx-admin-f691bfe4d8e0016229096609a279df469dc37f99.tar.xz slx-admin-f691bfe4d8e0016229096609a279df469dc37f99.zip