SaiyamTuteja / Faculty_Evaluation_System

MIT License

Feat: Avoiding SQL injections using prepared statements of MySQLi (Open for contribution) #30

Open aswinikalyan30 opened 1 month ago

aswinikalyan30 commented 1 month ago

Describe the feature

In the current implementation, we are directly passing the POST data with session variables into the query string, which can expose the application to SQL injection. Refactor the SQL statements in the admin_class.php file to mitigate this.

Add ScreenShots

Refactor items like these into:

image

Prepared statements like these:

image

Record
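As an added illustration (not code from the repository or from anyone in this thread), here is the shape of the refactor the issue asks for: a query that interpolates `$_POST` data and a session variable into the SQL string, next to the same operations written as MySQLi prepared statements. The table and column names (`users`, `id`, `username`, `password`, `name`), the `$_SESSION['login_id']` key and the use of `password_hash`-style hashes are assumptions for the example, not the project's real schema.

```php
<?php
// Added example; assumed schema: users(id, username, password, name).

// --- Before: user-controlled values interpolated straight into the SQL text ---
// The value of $_POST['username'] becomes part of the SQL grammar, so a quote
// character in it changes the meaning of the statement instead of being data.
function login_unsafe(mysqli $conn): ?array
{
    $username = $_POST['username'];
    $sql = "SELECT id, username, password FROM users WHERE username = '$username'";
    $result = $conn->query($sql);
    return $result ? ($result->fetch_assoc() ?: null) : null;
}

// --- After: the same lookup as a MySQLi prepared statement ---
// The statement text with ? placeholders is sent to the server first; the bound
// values arrive separately and are never parsed as SQL, whatever they contain.
function login_prepared(mysqli $conn, string $username, string $plainPassword): ?array
{
    $stmt = $conn->prepare('SELECT id, username, password FROM users WHERE username = ?');
    if ($stmt === false) {
        throw new RuntimeException('prepare failed: ' . $conn->error);
    }
    $stmt->bind_param('s', $username);          // one type letter per placeholder: s = string
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();  // get_result() requires the mysqlnd driver
    $stmt->close();

    // Assumed hashing scheme: the password column holds a password_hash() value,
    // so the comparison happens in PHP rather than inside the query.
    if ($row && password_verify($plainPassword, $row['password'])) {
        unset($row['password']);
        return $row;
    }
    return null;
}

// --- A write that mixes POST data with a session variable ---
// 'si' binds the first placeholder as a string and the second as an integer.
function update_name(mysqli $conn, string $name, int $userId): int
{
    $stmt = $conn->prepare('UPDATE users SET name = ? WHERE id = ?');
    if ($stmt === false) {
        throw new RuntimeException('prepare failed: ' . $conn->error);
    }
    $stmt->bind_param('si', $name, $userId);
    $stmt->execute();
    $affected = $stmt->affected_rows;
    $stmt->close();
    return $affected;
}

// Typical call sites (assumed request and session keys):
//   $user = login_prepared($conn, $_POST['username'] ?? '', $_POST['password'] ?? '');
//   update_name($conn, $_POST['name'] ?? '', (int) $_SESSION['login_id']);
```

`mysqli_stmt::bind_param` takes its arguments by reference, so pass variables (or function parameters, as above) rather than expressions such as `md5($_POST['password'])` inline. If the server does not have the mysqlnd driver, replace `get_result()` with `bind_result()` and `fetch()`; the injection protection comes from `prepare`/`bind_param`, not from how rows are read back.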

aswinikalyan30 commented 1 month ago

More than 1 can work on this issue and collaborate across files to implement this

anushkasaxena07 commented 1 month ago

@aswinikalyan30 please assign this issue to me. I would love to work on this.

aswinikalyan30 commented 1 month ago

Hey @anushkasaxena07, there are a lot of queries to be modified, and we need to ensure everything is working after the changes. I'll assign this to you, but will keep it open so that other contributors can work with you.

anushkasaxena07 commented 1 month ago

I have to make changes just in the admin_class.php file, or in others too? @aswinikalyan30

aswinikalyan30 commented 1 month ago

There are direct SQL query injections in many files; let this issue be only for the admin_class file. Will open another one for the others.

SheetalDawar commented 3 weeks ago

I would like to work on this project, please assign this to me.