From: Roland Häder Date: Sat, 2 Feb 2008 13:17:36 +0000 (+0000) Subject: userid secure in redirect X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=6abdc415da471ef603522b3c4e623441801f9ac0;p=mailer.git userid secure in redirect --- diff --git a/0.2.1/click.php b/0.2.1/click.php index de80ccb59b..8a083637b4 100644 --- a/0.2.1/click.php +++ b/0.2.1/click.php @@ -46,26 +46,19 @@ $GLOBALS['module'] = "click"; $CSS = -1; // Load the required file(s) require ("inc/config.php"); -if (((!empty($_GET['user'])) || (!empty($_GET['reseller']))) && (!empty($_GET['banner']))) -{ +if (((!empty($_GET['user'])) || (!empty($_GET['reseller']))) && (!empty($_GET['banner']))) { // Update clicks counter... $CLICK = 1; $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_refbanner SET clicks=clicks+1 WHERE id=%d LIMIT 1", array(bigintval($_GET['banner'])), __FILE__, __LINE__); - if (SQL_AFFECTEDROWS($link) == 1) - { - if (!empty($_GET['user'])) - { - LOAD_URL(URL."/ref.php?refid=".$_GET['user']); - } - else - { - LOAD_URL(URL."/shop_reseller.php?reseller=".$_GET['reseller']); + if (SQL_AFFECTEDROWS($link) == 1) { + if (!empty($_GET['user'])) { + LOAD_URL(URL."/ref.php?refid=".bigintval($_GET['user'])); + } else { + LOAD_URL(URL."/shop_reseller.php?reseller=".bigintval($_GET['user'])); } } exit(); -} - else -{ +} else { // Do nothing for now die(); }
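Review bot: The reseller branch (the `else` of the inner `if`) now redirects with `bigintval($_GET['user'])`, but that branch is only reached when `$_GET['user']` is empty, so the reseller id from the request is dropped and the redirect presumably carries whatever `bigintval()` returns for an empty value. The line should read `LOAD_URL(URL."/shop_reseller.php?reseller=".bigintval($_GET['reseller']));`, which keeps the integer cast this commit introduces while passing the parameter the old code used. The cast itself is the right control, since it keeps arbitrary request content out of the redirect target handed to `LOAD_URL()`. A short comment above the two calls, such as `// request values are cast to integer before they reach the redirect URL`, would record why the cast must stay.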