sql sanitized

2024-11-23 22:30:41 +01:00 · 2019-05-22 10:48:09 +02:00 · 2019-05-22 10:48:09 +02:00 · 199539a1c3
commit 199539a1c3
parent 3fe391dbc8
1 changed files with 3 additions and 1 deletions
--- a/php/logout.php
+++ b/php/logout.php
@ -3,7 +3,9 @@ session_start();
 include $_SESSION["docroot"].'/config/config.php';
 include $_SESSION["docroot"].'/php/connect.php';

-$mysqli->query('DELETE FROM `sessions` WHERE `session_id`=\''.$_COOKIE["token"].'\';');
+$deleteQuery = $mysqli->prepare('DELETE FROM `sessions` WHERE `session_id`=?;');
+$deleteQuery->bind_param("s", $_COOKIE["token"]);
+$deleteQuery->execute();

 unset($_SESSION);
 session_destroy();