So basically it is like a PHP game, where you have a garage, and when you buy cars they go to that garage and there is a list of them in there. There is also a button with the URL http://localhost/garage?active=58 (58 being a car ID). This button switches the car and makes it active, and you can race against other people using that car. HOWEVER, when you add a weird symbol to the URL (ex.: active=58@), it deactivates all cars, because the PHP code gets stuck at:

Here, it does not recognise the car ID and stops here:

    $setinactive = mysql_query("UPDATE user_cars SET active='No' WHERE userid='$userid' and carid='$activenow'");

Without the symbol, it ordinarily proceeds to this line and sets the chosen car ID active:

    $setactive   = mysql_query("UPDATE user_cars SET active='Yes' WHERE userid='$userid' and carid='$carid'");
    }

I know it's bad coding, but is there any simple fix for this?

Kentaurs
    Can you show a bit more of your context? How are you defining the variables? I suggest filtering inputs for numeric values and using parameterized/prepared statements. – showdev Aug 24 '16 at 20:16
  • So, are you asking for a way to make it work while preserving the bad coding, or would you be OK using a solution with not-bad coding? – Don't Panic Aug 24 '16 at 20:21
  • By destroying the bad coding, everything will collapse. It should be preserved, I think, and I am speaking unironically :) I am trying to add the last bit of code, but I seem to be unable to. – Kentaurs Aug 24 '16 at 20:25
  • Basically what I need is to convert a string into a number, that's it. – Kentaurs Aug 24 '16 at 22:03
  • Fixed: All I did thanks to a friend is put (int) $carid = security((int)$_GET['active']); – Kentaurs Aug 24 '16 at 22:28
  • Your security function is not working. – symcbean Aug 24 '16 at 23:36

1 Answer

Fixed with (int) value:

  <?php
    $username = $_SESSION['username'];
    if (isset($_GET['active'])) {
        // The fix: cast the query-string value to int before it is used, so
        // "58@" becomes 58 instead of being interpolated into the SQL as text.
        $carid  = security((int)$_GET['active']);
        $userid = get_userid($username);
        // security(), get_userid(), user_has_car(), get_user_activecar(), $urow
        // and $row are defined elsewhere in the same file (not shown here).
        if (user_has_car($carid) == "Yes" AND get_user_activecar($urow['id']) != $row['id']) {
            $activenow   = get_user_activecar($urow['id']);
            // Deactivate the current car, then activate the requested one.
            $setinactive = mysql_query("UPDATE user_cars SET active='No' WHERE userid='$userid' and carid='$activenow'");
            $setactive   = mysql_query("UPDATE user_cars SET active='Yes' WHERE userid='$userid' and carid='$carid'");
        }
        echo '<meta http-equiv="refresh" content="0;url=garage">';
    }
    ?>
Kentaurs
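The approach showdev's comment points at (strict integer validation plus prepared statements), written out as an added example that is not the answer's or the asker's code. It keeps the question's table and column names, runs against an in-memory SQLite database so it needs no server, and the sample rows and user id 7 are constructed.

```php
<?php
// Added example: validate the car id strictly and bind it as a parameter,
// so a value like "58@" never reaches the SQL text. Table/column names follow
// the question; the rows below are constructed sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE user_cars (userid INTEGER, carid INTEGER, active TEXT)');
$db->exec("INSERT INTO user_cars VALUES (7, 12, 'Yes'), (7, 58, 'No'), (9, 58, 'Yes')");

// Returns the newly active car id, or null when the request is rejected.
function switchActiveCar(PDO $db, int $userid, $rawCarId): ?int
{
    // FILTER_VALIDATE_INT rejects "58@", "58abc", "" and "1e3" outright,
    // whereas (int) silently maps "58@" to 58 and "abc" to 0.
    $carid = filter_var($rawCarId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($carid === false) {
        return null;
    }

    // Ownership check and both UPDATEs run in one transaction, so a failure
    // part-way through cannot leave the user with no active car at all.
    $db->beginTransaction();
    $owns = $db->prepare('SELECT 1 FROM user_cars WHERE userid = ? AND carid = ?');
    $owns->execute([$userid, $carid]);
    if ($owns->fetchColumn() === false) {
        $db->rollBack();
        return null;
    }
    $db->prepare("UPDATE user_cars SET active = 'No' WHERE userid = ? AND active = 'Yes'")
       ->execute([$userid]);
    $db->prepare("UPDATE user_cars SET active = 'Yes' WHERE userid = ? AND carid = ?")
       ->execute([$userid, $carid]);
    $db->commit();
    return $carid;
}

// Helper to read back which car is active for a user.
function activeCar(PDO $db, int $userid): ?int
{
    $q = $db->prepare("SELECT carid FROM user_cars WHERE userid = ? AND active = 'Yes'");
    $q->execute([$userid]);
    $v = $q->fetchColumn();
    return $v === false ? null : (int) $v;
}

var_dump(switchActiveCar($db, 7, '58@'));  // the question's broken input: rejected, nothing changes
var_dump(activeCar($db, 7));               // still the original active car
var_dump(switchActiveCar($db, 7, '58'));   // a well-formed id the user owns: switched
var_dump(switchActiveCar($db, 7, '99'));   // an id the user does not own: rejected
```

Because the id is bound as a parameter, a malformed value can only fail validation; it can no longer alter the meaning of either UPDATE.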