Fixed vulnerabilities
diff --git a/admin/insert.php b/admin/insert.php
index f6f836f..4301bdd 100644
--- a/admin/insert.php
+++ b/admin/insert.php
@@ -17,6 +17,8 @@
$template = "INSERT INTO `".$dbname."` (`id`, `nom`, `curs`, `grau`, `quimata`, `requested`, `mort`, `password`)" .
" VALUES (NULL, '".$user[0]."', '".$user[1]."', '".$user[2]."', ".$i.", '0', '0', '')";
- if (query($template)) header("Location: ./index.php");
+ if (!query($template)) die("An error ocurred.");
}
+
+ header("Location: ./index.php");
?>
diff --git a/index.php b/index.php
index 9ef86fe..3e29c26 100644
--- a/index.php
+++ b/index.php
@@ -55,7 +55,7 @@
console.log(users);
autocomplete(document.getElementById("search-input"), users, "search");
- userid = <?=isset($_COOKIE['user']) ? $_COOKIE['user'] : -1 ?>;
+ userid = <?=isset($_COOKIE['user']) ? (int)$_COOKIE['user'] : -1 ?>;
username = $('option[value=' + userid + ']').text();
if (userid > 0) {
diff --git a/main.php b/main.php
index 6228fbf..7e0231b 100644
--- a/main.php
+++ b/main.php
@@ -41,14 +41,14 @@
<script>
let user = {
- 'id': <?=$user->id?>,
- 'quimata': <?=$user->quimata?>,
- 'requested': <?=$user->requested?>,
- 'mort': <?=$user->mort?>,
+ 'id': <?=(int)$user->id?>,
+ 'quimata': <?=(int)$user->quimata?>,
+ 'requested': <?=(int)$user->requested?>,
+ 'mort': <?=(int)$user->mort?>,
'nom': "<?=$user->nomcomplet?>",
- 'curs': <?=$user->curs?>,
- 'grau': <?=$user->grau?>
+ 'curs': <?=(int)$user->curs?>,
+ 'grau': <?=(int)$user->grau?>
};
</script>
@@ -61,7 +61,7 @@
<div class="formulari_contrasenya" style="display: none;">
<p>Sembla que no tens clau d'accés, la gent podrà entrar a la teva compta...</p>
<form action="./php/change_password.php" method="POST">
- <input type="hidden" value="<?=$_COOKIE['user']?>" name="userid">
+ <input type="hidden" value="<?=(int)$_COOKIE['user']?>" name="userid">
<input type="password" placeholder="Nova clau d'accés..." name="password" /><br />
<input type="password" placeholder="Repeteix la clau d'accés" name="confirmation"/><br />
<input type="submit">
@@ -77,9 +77,9 @@
<td>
<div id="victim_name"><?=$victim->nomcomplet?></div>
<div id="victim_curs_i_grau">
- <span id="victim_curs"><?=$victim->curs?></span>
+ <span id="victim_curs"><?=(int)$victim->curs?></span>
-
- <span id="victim_grau"><?=$victim->grau?></span>
+ <span id="victim_grau"><?=(int)$victim->grau?></span>
</div>
<div id="butons" class="options">
<button id="win" onclick="js: send_request(user, 'REQ KILL');">L'he matat</button>
diff --git a/php/utils.php b/php/utils.php
index a187aea..6ac2e7e 100644
--- a/php/utils.php
+++ b/php/utils.php
@@ -20,7 +20,7 @@
$conn->set_charset("utf8");
// Execute query and save result
- if (!$result = $conn->query($query)) echo $conn->error;
+ $result = $conn->query($query);
// Close the connection
$conn->close();