mirror of
https://github.com/foin137/werwolfonline.eu.git
synced 2025-12-12 11:21:22 +00:00
ca7588ec86
The goal of this edit is to prevent sql injection. For string inputs like player name -> prepare sql statements. For other inputs that are integers -> cast to int via (int)
16 lines
441 B
PHP
16 lines
441 B
PHP
<?php
|
|
|
|
include "includes.php";
|
|
header("Content-Type: text/html; charset=utf-8");
|
|
header('Cache-Control: no-cache, no-store, max-age=0, must-revalidate');
|
|
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); // Date in the past
|
|
header('Pragma: no-cache');
|
|
$spielID = (int)$_GET['game'];
|
|
|
|
if ($Result = $mysqli->query("SELECT * FROM ".$spielID."_game"))
|
|
{
|
|
$temp = $Result->fetch_assoc();
|
|
echo $temp['log'];
|
|
}
|
|
|
|
?>
|