BlueGreycalmElegant

Català-Valencià – Catalan中文 – Chinese (Simplified)中文 – Chinese (Traditional)Česky – CzechDansk – DanishNederlands – DutchEnglish – EnglishSuomi – FinnishFrançais – FrenchDeutsch – Germanעברית – Hebrewहिंदी – HindiMagyar – HungarianBahasa Indonesia – IndonesianItaliano – Italian日本語 – Japanese한국어 – KoreanМакедонски – Macedonianमराठी – MarathiNorsk – NorwegianPolski – PolishPortuguês – PortuguesePortuguês – Portuguese (Brazil)Русский – RussianSlovenčina – SlovakSlovenščina – SlovenianEspañol – SpanishSvenska – SwedishTürkçe – TurkishУкраїнська – UkrainianOëzbekcha – Uzbek

Compare Revisions

• This comparison shows the changes necessary to convert path

  → / @ 2160

  → / @ 2162

  ↔ Reverse comparison

• Compare Path:	Rev

  With Path:	Rev

Ignore whitespace Rev 2160 → Rev 2162

/CHANGELOG
1,5 → 1,10
# $Id$
************ ALCASAR CHANGELOG ***********
-----------------------3.1.1----------------
BUGS
- Fix SQL injection on public part
-----------------------3.1-------------------
NEWS

/web/intercept.php
447,7 → 447,7
include_once("/etc/freeradius-web/config.php");
include_once("./acc/manager/lib/sql/drivers/mysql/functions.php");
$user_url=$_GET['userurl'];
$user_uid=$_GET['uid'];
$user_uid=da_sql_escape_string($_GET['uid']);
$sql = "SELECT attribute, value FROM radreply WHERE username='$user_uid'";
$link = @da_sql_pconnect($config); // on affiche pas les erreurs
if ($link){