Fix for bug 108822: Prevent any user from changing their own groupset.

Patch by Jake <jake@acutex.net>. r=bbaetz,myk

Fix for bug 108822: Prevent any user from changing their own groupset.
faefca3c · myk%mozilla.org · 6f66681a · faefca3c
Commit faefca3c authored Nov 08, 2001 by myk%mozilla.org
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

userprefs.cgi userprefs.cgi +2 -2

No files found.
--- a/userprefs.cgi
+++ b/userprefs.cgi
@@ -495,8 +495,8 @@ sub SaveFooter {
            Error("Hmm, the $name query seems to have gone away.");
        }
    }
-    SendSQL("UPDATE profiles SET mybugslink = '" . $::FORM{'mybugslink'} .
-            "' WHERE userid = $userid");
+    SendSQL("UPDATE profiles SET mybugslink = " . SqlQuote($::FORM{'mybugslink'}) .
+            " WHERE userid = $userid");
 }