Revision 353
Added by ryan almost 19 years ago
| email.php | ||
|---|---|---|
| 49 | 49 |
$wb->print_error($MESSAGE['USERS']['INVALID_EMAIL'], $js_back, false); |
| 50 | 50 |
} |
| 51 | 51 |
|
| 52 |
$email = $wb->add_slashes($email); |
|
| 53 |
|
|
| 52 | 54 |
// Update the database |
| 53 | 55 |
$database = new database(); |
| 54 | 56 |
$query = "UPDATE ".TABLE_PREFIX."users SET email = '$email' WHERE user_id = '".$wb->get_user_id()."' AND password = '".md5($current_password)."'"; |
Also available in: Unified diff
Fixed more security issue's related to ticket #237