igor/Metadata_PHP
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

После проверки кода на безопасность

Browse Source
This commit is contained in:
igor
2023-10-17 13:41:02 +06:00
parent 573f584ec7
commit 4ddea79113
3 changed files with 37 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
metadata/include/tools.php
View File

@ -102,20 +102,24 @@ function getAccess($key)
global $db;
$result=false;
$sql="select main.p_getaccess(:user_id,:key) as acc;";
$stmt = $db->prepare($sql);
if(isset($_SESSION['USER_ID']))
$sql="select main.p_getaccess(".$_SESSION['USER_ID'].",'".$key."') as acc;";
$stmt->bindValue(':user_id', $_SESSION['USER_ID'], PDO::PARAM_INT);
else
$sql="select main.p_getaccess(0,'".$key."') as acc;";
$stmt->bindValue(':user_id', 0, PDO::PARAM_INT);
$stmt->bindValue(':key', $key, PDO::PARAM_STR);
$res=null;
try
{
$res = $db->query($sql);
$res=$stmt->execute();
}catch (Exception $e)
{
echo $e->getMessage();
}
if($res!=NULL && $res->rowCount()>0)
if($res && $stmt->rowCount()>0)
{
while ($row = $res->fetch(PDO::FETCH_NUM))
while ($row = $stmt->fetch(PDO::FETCH_NUM))
{
$result=$row[0];
}