Fix CSRF vulnerabilities
[sql-web.git] / lib / security.lib.php
index 00874c29dc189eb59ff60875c0ea194433053468..1ac28492f3d6fd8dc6f6be2e6026da3cf24e4e86 100644 (file)
@@ -274,7 +274,7 @@ function getSSLCert() {
         $email = trim($fu[1]);
     } else {
         $name = isset($_SERVER['SSL_CLIENT_S_DN_CN'])?$_SERVER['SSL_CLIENT_S_DN_CN']:null;
-        $email = isset($_SERVER['SSL_CLIENT_S_DN_Email'])?$_SERVER['SSL_CLIENT_S_DN_Email']:null;
+        $email = isset($_SERVER['REMOTE_USER'])?$_SERVER['REMOTE_USER']:null;
     }
     if (!is_null($email)) {
         $user = explode('@',$email);
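Review bot: `$email` now holds `$_SERVER['REMOTE_USER']`, yet the unchanged `explode('@',$email)` below still assumes an address-shaped value, so a REMOTE_USER without exactly one `@` would be carried forward as a malformed identity. What REMOTE_USER contains depends on how the web server's authentication layer is configured, which is not visible here; if it is derived from the verified client certificate, say so in a comment such as `// REMOTE_USER is set by the server from the verified client cert; expected form user@domain`. I would also tighten the guard to `if (!is_null($email) && substr_count($email, '@') === 1) {`. `$name` is still read from `SSL_CLIENT_S_DN_CN`, so the display name and the identity now come from two different sources, which deserves a mention in the same comment. getSSLCert() starts before and continues after this hunk.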
@@ -392,7 +392,7 @@ function delDB($dbname) {
        $arr['bEnabled'] = 0;
        $sql = sprintf("UPDATE DB SET %s WHERE DB.Name = '%s'",
                                        buildSQLSet($arr),
-                                       $dbname);
+                                       mysql_escape_string($dbname));
        DBUpdate($sql);
 
        return true;
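Review bot: `mysql_escape_string()` on the `$dbname` argument escapes without reference to the connection's character set and is deprecated in favour of `mysql_real_escape_string()`, so the quoting added here is weaker than it looks. Changing the line to `mysql_real_escape_string($dbname));` keeps the fix in the same style; an allow-list check on the database name before the query is built would be stronger still. The other interpolated argument, `buildSQLSet($arr)`, is defined outside this hunk, so whether it escapes its values cannot be confirmed from here. delDB() begins before the visible lines and may continue after them.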