ENGO150/FabrikaHradekTour
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

comparing binary username for case sensitivity

Browse Source
This commit is contained in:
Václav Šmejkal 2024-05-22 16:01:41 +02:00
parent f8d85b9b92
commit 6257ba0d52
Signed by: ENGO150
GPG Key ID: 4A57E86482968843
4 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
forum.php
View File

@ -36,7 +36,7 @@ if (!isset($_SESSION["username"]))
<?php
include("./res/global.php");
$out = $database -> query("SELECT username, admin FROM user WHERE username=\"" . $_SESSION["username"] . "\" AND admin=\"1\"");
$out = $database -> query("SELECT username, admin FROM user WHERE BINARY username=\"" . $_SESSION["username"] . "\" AND admin=\"1\"");
if ($out -> num_rows == 1)
{

2
res/forum/api/list_users.php
View File

@ -5,7 +5,7 @@ session_start();
if (!isset($_SESSION["username"])) goto fail;
$out = $database -> query("SELECT username, admin FROM user WHERE username=\"" . $_SESSION["username"] . "\" AND admin=\"1\"");
$out = $database -> query("SELECT username, admin FROM user WHERE BINARY username=\"" . $_SESSION["username"] . "\" AND admin=\"1\"");
if ($out -> num_rows != 1)
{

4
res/forum/api/remove_user.php
View File

@ -5,7 +5,7 @@ session_start();
if (!isset($_SESSION["username"])) goto fail;
$out = $database -> query("SELECT username, admin FROM user WHERE username=\"" . $_SESSION["username"] . "\" AND admin=\"1\"");
$out = $database -> query("SELECT username, admin FROM user WHERE BINARY username=\"" . $_SESSION["username"] . "\" AND admin=\"1\"");
if ($out -> num_rows != 1)
{
@ -17,7 +17,7 @@ if ($out -> num_rows != 1)
if (!isset($_GET["username"])) return;
$user_info_id = (($database -> query("SELECT user_info FROM user WHERE username=\"" . $_GET["username"] . "\"")) -> fetch_assoc())["user_info"];
$user_info_id = (($database -> query("SELECT user_info FROM user WHERE BINARY username=\"" . $_GET["username"] . "\"")) -> fetch_assoc())["user_info"];
$database -> query("DELETE FROM user WHERE user_info=" . $user_info_id);
$database -> query("DELETE FROM user_info WHERE id=" . $user_info_id);

2
res/forum/api/user_info.php
View File

@ -5,7 +5,7 @@ session_start();
if (!isset($_SESSION["username"])) goto fail;
$out = $database -> query("SELECT username, admin FROM user WHERE username=\"" . $_SESSION["username"] . "\" AND admin=\"1\"");
$out = $database -> query("SELECT username, admin FROM user WHERE BINARY username=\"" . $_SESSION["username"] . "\" AND admin=\"1\"");
if (!isset($_GET["username"])) return;