Fix code review issues

- Remove unnecessary mysqli_real_escape_string calls on prepared statement params
- Add validation for strtotime to handle invalid dates gracefully

Co-authored-by: iaretechnician <2749183+iaretechnician@users.noreply.github.com>
copilot-swe-agent[bot] 2025-10-29 02:21:33 +00:00
parent 4397e67ccb
commit a16dfcd15f
2 changed files with 18 additions and 6 deletions


@ -128,11 +128,11 @@ if ($service_stmt) {
// Create invoice for renewal
$qty = 1;
$price_formatted = number_format($price_val, 2, '.', '');
$home_name = mysqli_real_escape_string($db, $order['home_name'] ?? 'Server Renewal');
$home_name = $order['home_name'] ?? 'Server Renewal';
$ip = intval($order['ip'] ?? 0);
$max_players = intval($order['max_players'] ?? 0);
$rcon_pw = mysqli_real_escape_string($db, $order['remote_control_password'] ?? '');
$ftp_pw = mysqli_real_escape_string($db, $order['ftp_password'] ?? '');
$rcon_pw = $order['remote_control_password'] ?? '';
$ftp_pw = $order['ftp_password'] ?? '';
$description = "Renewal: " . $service_name . " - " . $home_name . " (" . $duration . ")";
$now = date('Y-m-d H:i:s');
$due_date = date('Y-m-d H:i:s', strtotime('+7 days')); // Due in 7 days
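Review bot: With the escaping removed, `$home_name`, `$rcon_pw` and `$ftp_pw` are raw values from `$order`, and `$description` is built from `$home_name` and `$service_name` by concatenation, so their safety now rests entirely on the statement that consumes them, which is outside this hunk. Dropping `mysqli_real_escape_string` is right for bound parameters (escaping plus binding would store stray backslashes in the passwords), but please confirm that every one of these variables, including `$description`, goes through `bind_param` and that none is interpolated into a query string further down. I would add a comment above the assignments such as `// Raw values: bind as parameters only; escape with htmlspecialchars() where rendered`. Separately, `remote_control_password` and `ftp_password` appear to be copied into the invoice record as-is; if that row is readable from billing views or exports, the credentials are exposed more widely than the order table alone, which may deserve a follow-up.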