Make id and delkey required for sql query

This commit is contained in:
Eliot Whalan 2016-06-28 08:07:55 +10:00
parent b0d76a12b7
commit ccfefb8043
No known key found for this signature in database
GPG Key ID: C0A42175139840D6
1 changed files with 2 additions and 2 deletions

View File

@ -162,10 +162,10 @@ func delHandler(w http.ResponseWriter, r *http.Request) {
db, err := sql.Open("mysql", DATABASE) db, err := sql.Open("mysql", DATABASE)
check(err) check(err)
stmt, err := db.Prepare("delete from pastebin where delkey=?") stmt, err := db.Prepare("delete from pastebin where delkey=? and id=?")
check(err) check(err)
res, err := stmt.Exec(html.EscapeString(delkey)) res, err := stmt.Exec(html.EscapeString(delkey), html.EscapeString(paste))
check(err) check(err)
_, err = res.RowsAffected() _, err = res.RowsAffected()