Fixing mysql injection attacks

a2eea3da · Sibidharan · 8339ebc2 · a2eea3da · a2eea3da · a2eea3da
Commit a2eea3da authored 3 years ago by Sibidharan
--- a/api/REST.api.php
+++ b/api/REST.api.php
 <?php
+    require_once($_SERVER['DOCUMENT_ROOT']."/api/lib/Database.class.php");
    class REST {
        public $_allow = array();
@@ -103,6 +104,7 @@
            }else{
                $data = trim(stripslashes($data));
                $data = strip_tags($data);
+                $data = mysqli_real_escape_string(Database::getConnection(), $data);
                $clean_input = trim($data);
            }
            return $clean_input;

--- a/api/index.php
+++ b/api/index.php
@@ -52,8 +52,7 @@ class API extends REST {
        $st = microtime(true);
        if(isset($this->_request['pass'])){
            $cost = (int)$this->_request['cost'];
-            $s = new Signup("", $this->_request['pass'], "");
+            $hash = password_hash($this->_request['pass'], PASSWORD_BCRYPT);
-            $hash = $s->hashPassword($cost);
            $data = [
                "hash" => $hash,
                "info" => password_get_info($hash),

--- a/verify.php
+++ b/verify.php
 <?php
 require_once $_SERVER['DOCUMENT_ROOT'].'/api/lib/Signup.class.php';
+require_once($_SERVER['DOCUMENT_ROOT']."/api/lib/Database.class.php");
-$token = $_GET['token'];
+$token = mysqli_real_escape_string(Database::getConnection(), $_GET['token']);
 try{
    if(Signup::verifyAccount($token)){
        ?>