Escapado string, antes de inserir no banco de dados.

Lucas D'Avila
1 parent e132bb38
Showing 1 changed file with 2 additions and 0 deletions Show diff stats
ieducar/intranet/include/clsBase.inc.php
@@ -51,6 +51,7 @@ require_once &#39;include/funcoes.inc.php&#39;;
  
 require_once 'Portabilis/Utils/Database.php';
 require_once 'Portabilis/Utils/User.php';
+require_once 'Portabilis/String/Utils.php';
  
 require_once 'modules/Error/Mailers/NotificationMailer.php';
  
@@ -256,6 +257,7 @@ class clsBase extends clsConfig
           }
  
           $variaveis = "POST\n{$posts}GET\n{$gets}SESSION\n{$sessions}";
+          $variaveis = Portabilis_String_Utils::toLatin1($variaveis, array('escape' => true));
  
           if ($this->currentUserId()) {
             $this->db()->Consulta("INSERT INTO intranet_segur_permissao_negada (ref_ref_cod_pessoa_fj, ip_externo, ip_interno, data_hora, pagina, variaveis) VALUES('{$this->currentUserId()}', '$ip', '$ip_de_rede', NOW(), '$pagina', '$variaveis')");
...	...	@@ -51,6 +51,7 @@ require_once 'include/funcoes.inc.php';
51	51
52	52	require_once 'Portabilis/Utils/Database.php';
53	53	require_once 'Portabilis/Utils/User.php';
	54	+require_once 'Portabilis/String/Utils.php';
54	55
55	56	require_once 'modules/Error/Mailers/NotificationMailer.php';
56	57
...	...	@@ -256,6 +257,7 @@ class clsBase extends clsConfig
256	257	}
257	258
258	259	$variaveis = "POST\n{$posts}GET\n{$gets}SESSION\n{$sessions}";
	260	+ $variaveis = Portabilis_String_Utils::toLatin1($variaveis, array('escape' => true));
259	261
260	262	if ($this->currentUserId()) {
261	263	$this->db()->Consulta("INSERT INTO intranet_segur_permissao_negada (ref_ref_cod_pessoa_fj, ip_externo, ip_interno, data_hora, pagina, variaveis) VALUES('{$this->currentUserId()}', '$ip', '$ip_de_rede', NOW(), '$pagina', '$variaveis')");
...	...