From: Glenn H. <thr...@us...> - 2006-01-24 03:50:12
Update of /cvsroot/mantisbt/mantisbt In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv17696 Modified Files: view_all_inc.php my_view_page.php Log Message: fix for 0006629: Port: code injection - close one register_globals and 2 XSS holes Index: view_all_inc.php =================================================================== RCS file: /cvsroot/mantisbt/mantisbt/view_all_inc.php,v retrieving revision 1.162 retrieving revision 1.163 diff -u -d -r1.162 -r1.163 --- view_all_inc.php 29 Oct 2005 08:59:46 -0000 1.162 +++ view_all_inc.php 24 Jan 2006 03:50:04 -0000 1.163 @@ -73,7 +73,7 @@ $v_end = 0; if ( sizeof( $rows ) > 0 ) { - $v_start = $t_filter['per_page'] * ($f_page_number-1) +1; + $v_start = $t_filter['per_page'] * (int)($f_page_number-1) +1; $v_end = $v_start + sizeof( $rows ) -1; } @@ -94,7 +94,7 @@ <span class="small"> <?php # -- Page number links -- - print_page_links( 'view_all_bug_page.php', 1, $t_page_count, $f_page_number ); + print_page_links( 'view_all_bug_page.php', 1, $t_page_count, (int)$f_page_number ); ?> </span> </td> </tr> @@ -181,7 +181,7 @@ <?php # -- Page number links -- ?> <td class="right" colspan="2"> <span class="small"> - <?php print_page_links( 'view_all_bug_page.php', 1, $t_page_count, $f_page_number ) ?> + <?php print_page_links( 'view_all_bug_page.php', 1, $t_page_count, (int)$f_page_number ) ?> </span> </td> </tr> Index: my_view_page.php =================================================================== RCS file: /cvsroot/mantisbt/mantisbt/my_view_page.php,v retrieving revision 1.12 retrieving revision 1.13 diff -u -d -r1.12 -r1.13 --- my_view_page.php 7 Aug 2005 13:42:04 -0000 1.12 +++ my_view_page.php 24 Jan 2006 03:50:05 -0000 1.13 @@ -12,6 +12,8 @@ <?php require_once( 'core.php' ); + $t_core_path = config_get( 'core_path' ); + require_once( $t_core_path . 'compress_api.php' ); require_once( $t_core_path . 'filter_api.php' ); |
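Review bot: The `(int)` cast is applied separately at each of the three uses of `$f_page_number` (the `$v_start` computation in the `@@ -73,7` hunk and the two `print_page_links()` calls in the `@@ -94,7` and `@@ -181,7` hunks), so any other use of the variable in this include, or in the page that includes it, would still see the raw request value. Normalising once where the value is read, or at the top of this file with `$f_page_number = (int)$f_page_number;`, would cover every use and keep later edits from reintroducing the hole. The cast also does not bound the value: zero or a negative page number still reaches the `$v_start` arithmetic and the link printer, so a clamp such as `if ( $f_page_number < 1 ) { $f_page_number = 1; }` is worth adding alongside. In the first hunk the cast wraps `($f_page_number-1)`, whose result is already numeric, so there it only truncates a fractional value. Where `$f_page_number` is assigned is not visible in these hunks.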
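Review bot: The added `$t_core_path = config_get( 'core_path' );` in the my_view_page.php hunk has no comment saying why it must precede the `require_once( $t_core_path . ... )` lines, and that ordering is the whole fix. Judging from the visible context, the include path was previously built from a variable this script had not set, which under register_globals can be supplied by the request. I would add a line above the assignment such as `# Set $t_core_path from config before any require_once that uses it; never rely on it being defined elsewhere.` Other top-level pages may use `$t_core_path` in a `require_once` without assigning it first, which this hunk does not show, so checking them would be a useful follow-up.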