[Dynapi-CVS] CVS: dynapi3x/test/scripts storeResult.php,1.1,1.2

Tue, 23 Aug 2005 16:02:08 -0700 

Update of /cvsroot/dynapi/dynapi3x/test/scripts
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv22337

Modified Files:
        storeResult.php 
Log Message:
Fixed bad SQL and strip slashes from request parameters

Index: storeResult.php
===================================================================
RCS file: /cvsroot/dynapi/dynapi3x/test/scripts/storeResult.php,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -r1.1 -r1.2
*** storeResult.php     15 Aug 2005 23:18:16 -0000      1.1
--- storeResult.php     23 Aug 2005 22:58:57 -0000      1.2
***************
*** 16,22 ****
  $name = $_REQUEST['name'];
  $passfail = $_REQUEST['passfail'];
! $comments = $_REQUEST['comments'];
! $tester = $_REQUEST['tester'];
! $agent = $_SERVER['HTTP_USER_AGENT'];
  $dynapiVersion = getDynAPIVersion();
  $now = date("YmdHis");
--- 16,22 ----
  $name = $_REQUEST['name'];
  $passfail = $_REQUEST['passfail'];
! $comments = stripslashes($_REQUEST['comments']);
! $tester = stripslashes($_REQUEST['tester']);
! $agent = stripslashes($_SERVER['HTTP_USER_AGENT']);
  $dynapiVersion = getDynAPIVersion();
  $now = date("YmdHis");
***************
*** 44,48 ****
    or die("Could not select database $test_database_name");
  
! $query = "INSERT INTO testresult (testcase_name, dynapi_version, 
testcase_date, passed, comments, user_agent, test_date, tester) VALUES 
('$name', 'dynapi$version', '$fileMod', $passfail, '$comments', '$agent', 
'$now', '$tester')";
  mysql_query($query) or die('Query failed: ' . mysql_error());
  
--- 44,48 ----
    or die("Could not select database $test_database_name");
  
! $query = "INSERT INTO testresult (testcase_name, dynapi_version, 
testcase_date, passed, comments, user_agent, test_date, tester) VALUES 
('$name', '$dynapiVersion', '$fileMod', $passfail, '$comments', '$agent', 
'$now', '$tester')";
  mysql_query($query) or die('Query failed: ' . mysql_error());
  



-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
_______________________________________________
Dynapi-CVS mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dynapi-cvs

Reply via email to