Revision: 1119
http://mrbs.svn.sourceforge.net/mrbs/?rev=1119&view=rev
Author: jberanek
Date: 2009-06-19 20:45:24 +0000 (Fri, 19 Jun 2009)
Log Message:
-----------
* Added SQL escaping in reports (Secunia Advisory SA35469).
Modified Paths:
--------------
mrbs/trunk/web/report.php
Modified: mrbs/trunk/web/report.php
===================================================================
--- mrbs/trunk/web/report.php 2009-06-18 21:54:26 UTC (rev 1118)
+++ mrbs/trunk/web/report.php 2009-06-19 20:45:24 UTC (rev 1119)
@@ -609,11 +609,11 @@
if (!empty($areamatch))
{
- $sql .= " AND" . sql_syntax_caseless_contains("a.area_name", $areamatch);
+ $sql .= " AND" . sql_syntax_caseless_contains("a.area_name",
addslashes($areamatch));
}
if (!empty($roommatch))
{
- $sql .= " AND" . sql_syntax_caseless_contains("r.room_name", $roommatch);
+ $sql .= " AND" . sql_syntax_caseless_contains("r.room_name",
addslashes($roommatch));
}
if (!empty($typematch))
{
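Review bot: `addslashes()` on the new lines here at 609, and likewise in the hunks at 623 and 652, is not a database-aware escape, so the literal it produces is only safe for some server configurations: on PostgreSQL with `standard_conforming_strings` enabled the backslash is an ordinary character and the quote still terminates the literal, and on MySQL with a multibyte connection charset a lead byte can absorb the inserted backslash. The escaping should come from the active driver (`mysql_real_escape_string()` or `pg_escape_string()` behind the existing SQL abstraction) rather than from a generic string function. Since `sql_syntax_caseless_contains()` already turns its second argument into a quoted literal, the escaping belongs inside that helper, which removes the repeated `addslashes()` at each call site and makes it impossible for a new call site to omit it. The wrapped `+` lines (e.g. the `addslashes($areamatch));` continuation) appear to be mail line-wrapping of a single source line, and the query-building code these conditions belong to starts before this hunk.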
@@ -623,26 +623,26 @@
$or_array = array();
foreach ( $typematch as $type )
{
- $or_array[] = "e.type = '$type'";
+ $or_array[] = "e.type = '".addslashes($type)."'";
}
$sql .= "(". implode( " OR ", $or_array ) .")";
}
else
{
- $sql .= "e.type = '".$typematch[0]."'";
+ $sql .= "e.type = '".addslashes($typematch[0])."'";
}
}
if (!empty($namematch))
{
- $sql .= " AND" . sql_syntax_caseless_contains("e.name", $namematch);
+ $sql .= " AND" . sql_syntax_caseless_contains("e.name",
addslashes($namematch));
}
if (!empty($descrmatch))
{
- $sql .= " AND" . sql_syntax_caseless_contains("e.description",
$descrmatch);
+ $sql .= " AND" . sql_syntax_caseless_contains("e.description",
addslashes($descrmatch));
}
if (!empty($creatormatch))
{
- $sql .= " AND" . sql_syntax_caseless_contains("e.create_by",
$creatormatch);
+ $sql .= " AND" . sql_syntax_caseless_contains("e.create_by",
addslashes($creatormatch));
}
# If not overriding as public entries and user isn't and admin...
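Review bot: The `e.type = '...'` comparisons on the new lines at 623 still interpolate request-derived values straight into the statement, and `addslashes()` gives them the same configuration-dependent protection noted for the hunk at 609. If entry types are a fixed set of codes, as the `e.type = '$type'` form suggests (the hunk does not show where `$typematch` is populated), validating each `$type` against the configured set and rejecting anything else is the stronger control, with escaping then only guarding a value that has already been constrained. A guard such as `if (!in_array($type, $valid_types, true)) { continue; }` at the top of the `foreach` would do it, where `$valid_types` stands for whatever list the configuration defines. The `if (!empty($typematch))` block and the query builder it belongs to start before this hunk.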
@@ -652,11 +652,11 @@
{
if ($private_override == "private")
{
- $sql .= " AND e.create_by = '$user'";
+ $sql .= " AND e.create_by = '".addslashes($user)."'";
}
else
{
- $sql .= " AND (e.create_by = '$user' OR NOT e.private)";
+ $sql .= " AND (e.create_by = '".addslashes($user)."' OR NOT
e.private)";
}
}
else