
Changeset 1129320


Timestamp:
04/07/2015 07:46:54 AM (11 years ago)
Author:
hdflvplayer
Message:

Commit to fix the issue with validation of ids received via the GET method

Location:
contus-video-gallery
Files:
2 edited

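--- a/contus-video-gallery/tags/2.8/hdflvvideoshare.php
+++ b/contus-video-gallery/tags/2.8/hdflvvideoshare.php
@@ -337,5 +337,5 @@
 function videohitcount_function() {
         global $wpdb;
-        $vid      = $_GET['vid'];                       
+        $vid      = intval($_GET['vid']);                       
         $hitList  = $wpdb->get_row( 'SELECT * FROM ' . $wpdb->prefix . 'hdflvvideoshare WHERE vid="' . intval( $vid ) . '"' );
         $hitCount = $hitList->hitcount;         
@@ -353,6 +353,6 @@
 function ratecount_function() {
     global $wpdb;
-    $vid      = $_GET['vid'];   
-    $get_rate = $_GET['rate'];   
+    $vid      = intval($_GET['vid']);   
+    $get_rate = intval($_GET['rate']);   
     if ( ! empty( $get_rate ) ) {
 
@@ -378,5 +378,5 @@
 function google_adsense(){
     global $wpdb;
-    $vid = $_GET['vid'];   
+    $vid = intval($_GET['vid']);   
     $google_adsense_id =  $wpdb->get_var('SELECT google_adsense_value FROM '.$wpdb->prefix.'hdflvvideoshare WHERE vid ='.$vid);
     $query = $wpdb->get_var('SELECT googleadsense_details FROM '.$wpdb->prefix.'hdflvvideoshare_vgoogleadsense WHERE id='.$google_adsense_id);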
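Review bot: In google_adsense() the second query still concatenates `$google_adsense_id` into the SQL unquoted and unchecked; the cast added at file line 380 covers only `$vid`. When no row matches the given `vid`, get_var() returns null and the statement ends in `WHERE id=`, and whatever is stored in `google_adsense_value` is interpolated as SQL rather than bound as a value. Both lookups are safer with placeholders, e.g. `$wpdb->get_var( $wpdb->prepare( 'SELECT googleadsense_details FROM ' . $wpdb->prefix . 'hdflvvideoshare_vgoogleadsense WHERE id = %d', $google_adsense_id ) )`, with a check that the first lookup returned a row before the second runs. The trunk copy of this file carries the same lines, and the function body continues outside the hunk.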
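--- a/contus-video-gallery/trunk/hdflvvideoshare.php
+++ b/contus-video-gallery/trunk/hdflvvideoshare.php
@@ -337,5 +337,5 @@
 function videohitcount_function() {
         global $wpdb;
-        $vid      = $_GET['vid'];                       
+        $vid      = intval($_GET['vid']);                       
         $hitList  = $wpdb->get_row( 'SELECT * FROM ' . $wpdb->prefix . 'hdflvvideoshare WHERE vid="' . intval( $vid ) . '"' );
         $hitCount = $hitList->hitcount;         
@@ -353,6 +353,6 @@
 function ratecount_function() {
     global $wpdb;
-    $vid      = $_GET['vid'];   
-    $get_rate = $_GET['rate'];   
+    $vid      = intval($_GET['vid']);   
+    $get_rate = intval($_GET['rate']);   
     if ( ! empty( $get_rate ) ) {
 
@@ -378,5 +378,5 @@
 function google_adsense(){
     global $wpdb;
-    $vid = $_GET['vid'];   
+    $vid = intval($_GET['vid']);   
     $google_adsense_id =  $wpdb->get_var('SELECT google_adsense_value FROM '.$wpdb->prefix.'hdflvvideoshare WHERE vid ='.$vid);
     $query = $wpdb->get_var('SELECT googleadsense_details FROM '.$wpdb->prefix.'hdflvvideoshare_vgoogleadsense WHERE id='.$google_adsense_id);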
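Review bot: `intval($_GET['vid'])` in videohitcount_function() still reads the key without checking that it is set, and the get_row() result is dereferenced on the following line with no null check, so a request with a missing or unknown `vid` (now coerced to 0) raises a notice and then reads `hitcount` from null. Consider `$vid = isset( $_GET['vid'] ) ? absint( $_GET['vid'] ) : 0;` and an early exit such as `if ( ! $hitList ) { return; }` before `$hitCount` is assigned. In ratecount_function() `$get_rate` is cast but not bounded, so any non-zero integer, including a negative one, passes the `! empty()` test; a range check against the rating scale belongs there, though the rest of that body lies outside the hunk. The `intval( $vid )` left inside the query at file line 340 is now redundant and could give way to `$wpdb->prepare()` with `%d`. The tags/2.8 copy has the same lines.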