From 199539a1c31162a5515c454f4dde6e82b16c0a99 Mon Sep 17 00:00:00 2001
From: Tim Krehan
Date: Wed, 22 May 2019 10:48:09 +0200
Subject: [PATCH] sql sanitized
---
 php/logout.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/php/logout.php b/php/logout.php
index fda1dbc..16e1fb8 100644
--- a/php/logout.php
+++ b/php/logout.php
@@ -3,7 +3,9 @@ session_start();
 include $_SESSION["docroot"].'/config/config.php';
 include $_SESSION["docroot"].'/php/connect.php';
-$mysqli->query('DELETE FROM `sessions` WHERE `session_id`=\''.$_COOKIE["token"].'\';');
+$deleteQuery = $mysqli->prepare('DELETE FROM `sessions` WHERE `session_id`=?;');
+$deleteQuery->bind_param("s", $_COOKIE["token"]);
+$deleteQuery->execute();
 unset($_SESSION);
 session_destroy();
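Review bot: The return value of `$mysqli->prepare(...)` is used unchecked on the added lines. If prepare() returns false, the following `bind_param()` call is a fatal error and the `unset($_SESSION); session_destroy();` teardown below never runs. Whether mysqli throws instead depends on the report mode, which would be set in connect.php and is not visible in this hunk. Either way, a database failure during logout would leave the PHP session alive and the row in `sessions` undeleted. Guard the statement so teardown always happens, e.g. `if ($deleteQuery !== false) { $deleteQuery->bind_param("s", $_COOKIE["token"]); $deleteQuery->execute(); }`, and log the failure so a token that was not revoked server-side is noticed. The script may continue past the end of the hunk.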