Update of /cvsroot/php-blog/serendipity
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv5788
Modified Files:
comment.php
Log Message:
- Fix SQL injection
Index: comment.php
===================================================================
RCS file: /cvsroot/php-blog/serendipity/comment.php,v
retrieving revision 1.44
retrieving revision 1.45
diff -u -d -r1.44 -r1.45
--- comment.php 24 Aug 2004 17:32:45 -0000 1.44
+++ comment.php 13 Sep 2004 19:53:11 -0000 1.45
@@ -107,7 +107,7 @@
echo $html_header;
if ($serendipity['GET']['type'] == 'trackbacks') {
$tbu = $serendipity['baseURL'] . 'comment.php?type=trackback&entry_id=' . $serendipity['GET']['entry_id'];
- $query = 'SELECT title FROM ' . $serendipity['dbPrefix'] . 'entries WHERE id = ' . $serendipity['GET']['entry_id'];
+ $query = "SELECT title FROM {$serendipity['dbPrefix']}entries WHERE id = '". (int)$serendipity['GET']['entry_id'] ."'";
$entry = serendipity_db_query($query);
$entry = serendipity_archiveURL($serendipity['GET']['entry_id'], $entry[0]['title'], 'baseURL');
?>
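Review bot: The cast on the new line protects only the SQL query; the same unvalidated `$serendipity['GET']['entry_id']` is still concatenated into `$tbu` two lines earlier and passed to `serendipity_archiveURL()` on the line after the query, so whatever non-numeric input the fix rejects for SQL still reaches the trackback URL and the archive URL (whether those are echoed to the page is not visible in this hunk, but if they are, it is an HTML/URL injection path). Validate once and reuse the result: `$entry_id = (int) $serendipity['GET']['entry_id'];` before `$tbu`, then `$tbu = $serendipity['baseURL'] . 'comment.php?type=trackback&entry_id=' . $entry_id;` and `$entry = serendipity_archiveURL($entry_id, $entry[0]['title'], 'baseURL');`. The query string can likewise use `$entry_id` and drop the single quotes around the integer, which the cast makes unnecessary. The enclosing `if` block and the surrounding script continue outside the hunk.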