--- mysql/mysql-auth.pl.orig 2012-08-14 17:15:20.523597282 -0400
+++ mysql/mysql-auth.pl 2012-08-14 17:15:22.333591920 -0400
@@ -62,8 +62,10 @@
exit 1;
}
-my $dbq = $dbh->prepare("select username as username, password as password from users where username=\'$user\';");
+my $dbq = $dbh->prepare("select username as username, password as password from users where username=?;");
+$dbq->bind_param(1, $user);
$dbq->execute;
+
my $row = $dbq->fetchrow_hashref();
if ($row->{username} eq "") {
distrib
>
Mageia
>
1
>
i586
>
media
>
core-updates-src
>
by-pkgid
>
508805f574136208098271390f1ee2f7
>
files
>
3
