Fixed some bugs and SQL injection.

saemorris · Apr 4, 2015 · bfba26b · bfba26b
1 parent 45d5889
commit bfba26b
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 3 deletions.
diff --git a/_login.php b/_login.php
@@ -24,11 +24,12 @@ function redirect() {
 		require ('_database.php');
 		$user = $_POST['user'];
 		$pass = $_POST['pass'];
-		// <-- Bad.
 
-		$query = "SELECT user_name, class, person_id FROM users WHERE user_name = '$user' AND password = '$pass'";
+		$query = "SELECT user_name, class, person_id FROM users WHERE user_name = :username AND password = :password";
 
 		$statement = oci_parse($connection, $query);
+		oci_bind_by_name($statement, ':username', $user);
+		oci_bind_by_name($statement, ':password', $pass);
 		$results = oci_execute($statement);
 
 		// Did we get a valid result?

diff --git a/setup.sql b/setup.sql
@@ -11,6 +11,7 @@ DROP TABLE users;
 DROP TABLE persons;
 DROP SEQUENCE record_id_seq;
 DROP SEQUENCE image_id_seq;
+DROP SEQUENCE person_id_seq;
 
 /*
  *  To store the personal information

diff --git a/users.php b/users.php
@@ -12,7 +12,7 @@
 		</p>
 		<div>
 			<form id="searchform" required="1" name="search_users" method="get" action="<?php $PHP_SELF ?>" >
-				<input type="text" name="q" />
+				<input type="text" name="q" value="<?php echo $_GET['q']; ?>" />
 				<input type="submit" value="Search"  />
 			</form>
 		</div>