Mercurial Mercurial > poweradmin / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
delete_record.php
changeset 65 ce1c4d5e1576
parent 48 2b8781fd2e49
child 71 e1b918eaf69a 
--- a/delete_record.php	Thu Jan 03 23:04:46 2008 +0000
+++ b/delete_record.php	Sat Jan 05 16:25:49 2008 +0000
@@ -28,7 +28,8 @@
     		error(ERR_RECORD_ACCESS_DENIED);
 	}
 	if ((!level(5)) && ($_SESSION[$zoneId.'_ispartial'] == 1)) {
-		$checkPartial = $db->queryOne("SELECT id FROM record_owners WHERE record_id='".$_GET["id"]."' AND user_id='".$_SESSION["userid"]."' LIMIT 1");
+		$db->setLimit(1);
+		$checkPartial = $db->queryOne("SELECT id FROM record_owners WHERE record_id=".$db->quote($_GET["id"])." AND user_id=".$db->quote($_SESSION["userid"]));
 		if (empty($checkPartial)) {
 			error(ERR_RECORD_ACCESS_DENIED);
 		}
poweradmin