From e5e02e46861f9c1b88782cb1ef8737253412be33 Mon Sep 17 00:00:00 2001
From: gbateson
Date: Tue, 1 Jul 2008 10:49:22 +0000
Subject: [PATCH] MDL-15184: fix sql injection vulnerability
---
 mod/hotpot/report.php | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/mod/hotpot/report.php b/mod/hotpot/report.php
index b8c027dfc2..c982fbb08d 100644
--- a/mod/hotpot/report.php
+++ b/mod/hotpot/report.php
@@ -380,10 +380,14 @@ function hotpot_delete_selected_attempts(&$hotpot, $del) {
 $select = "hotpot=:hotpotid AND status=".HOTPOT_STATUS_ABANDONED;
 break;
 case 'selection':
- $ids = (array)data_submitted();
- unset($ids['del']);
- unset($ids['id']);
- if (!empty($ids)) {
+ $ids = array();
+ $data = (array)data_submitted();
+ foreach ($data as $name => $value) {
+ if (preg_match('/^box\d+$/', $name)) {
+ $ids[] = intval($value);
+ }
+ }
+ if (count($ids)) {
 list($ids, $idparams) = $DB->get_in_or_equal($ids, SQL_PARAMS_NAMED, 'crid0');
 $params = array_merge($params, $idparams);
 $select = "hotpot=:hotpotid AND clickreportid $ids";
-- 
2.39.5
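Review bot: `intval($value)` in the new `foreach` coerces rather than validates, so a tampered `boxN` field that is not numeric collapses to 0 and is still pushed into the `IN (...)` list handed to `get_in_or_equal`; since this list only ever holds attempt ids, it would be tighter to drop non-positive values, e.g. `$id = clean_param($value, PARAM_INT); if ($id > 0) { $ids[] = $id; }` inside the `preg_match` branch (assuming `clickreportid` is never 0 — confirm against how attempts are recorded). The named placeholders from `get_in_or_equal` together with the `hotpot=:hotpotid` clause on the context lines do close the injection, and `$ids` stays empty unless a `box<N>` name is actually posted, so the change itself is sound. Nothing in this hunk shows a sesskey or confirmation check before the delete; if `hotpot_delete_selected_attempts` relies on its caller for that, a one-line comment at the top of the `'selection'` case such as `// caller must have checked sesskey/confirmation; only box<N> checkbox values are trusted here` would help the next reader. The function body begins and ends outside the hunk.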