High5
/
shortr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

move mysqli_real_escape_string out of select

This commit is contained in:
mischa 2022-08-23 05:51:12 +00:00
parent 518df2473e
commit 680f8dffe5
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
index.php
View File

@ -53,7 +53,8 @@ function generate_short($url, $mysqli) {
}
function find_short($hash, $mysqli) {
$result = mysqli_query($mysqli, "SELECT * FROM " . DB_TABLE . " WHERE id='" . mysqli_real_escape_string($mysqli, $hash) . "'");
$hash = mysqli_real_escape_string($mysqli, $hash);
$result = mysqli_query($mysqli, "SELECT * FROM " . DB_TABLE . " WHERE id='$hash'") . "'");
if ($row = mysqli_fetch_assoc($result)) {
$link = $row['url'];
mysqli_query($mysqli, "UPDATE " . DB_TABLE . " SET count='" . ($row['count'] + 1) . "' WHERE id='" . $row['id'] . "'");