StatPress/StatPress Reloaded – SQL Injections

iriStatAppend() // URL (requested) $urlRequested = iri_StatPress_URL(); … $referrer = (isset($_SERVER[‘HTTP_REFERER’]) ? htmlentities($_SERVER[‘HTTP_REFERER’]) : ”); … $insert = “INSERT INTO ” . $table_name . ” (date, time, ip, urlrequested, agent, referrer, search,nation,os,browser,searchengine,spider,feed,user,timestamp) ” . “VALUES (‘$vdate’,’$vtime’,’$ipAddress’,’$urlRequested’,'” . addslashes(strip_tags($userAgent)) . “‘,’$referrer’,'” READ MORE