From: Paul S. O. <ps...@us...> - 2001-12-21 15:51:34
Update of /cvsroot/phpbb/phpBB2
In directory usw-pr-cvs1:/tmp/cvs-serv7303
Modified Files:
groupcp.php login.php posting.php search.php
Log Message:
Hopefully this addresses the \' and '' problems with MSSQL, etc. ... I'd like opinions on the security of doing this.
Index: groupcp.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/groupcp.php,v
retrieving revision 1.33
retrieving revision 1.34
diff -C2 -r1.33 -r1.34
*** groupcp.php 2001/12/16 02:06:14 1.33
--- groupcp.php 2001/12/21 15:51:31 1.34
***************
*** 317,321 ****
$sql = "SELECT user_id, user_email
FROM " . USERS_TABLE . "
! WHERE username = '$username'";
if( !$result = $db->sql_query($sql) )
{
--- 317,321 ----
$sql = "SELECT user_id, user_email
FROM " . USERS_TABLE . "
! WHERE username = '" . str_replace("\'", "''", $username) . "'";
if( !$result = $db->sql_query($sql) )
{
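Review bot: The replacement at line 28 only rewrites an already-escaped `\'` into `''`, so it presupposes that `$username` arrived here with backslash escaping already applied (magic_quotes_gpc or an earlier addslashes); if that precondition does not hold, a bare apostrophe is interpolated into the query unchanged and the WHERE clause is no longer data-only. Note that in a PHP double-quoted string `"\'"` is the two characters backslash and apostrophe, which is what makes the search pattern match escaped input. Rather than repeating this transform at every call site, the escaping belongs in the `$db` layer next to `sql_query()`, where the driver knows whether the backend expects `\'` or `''`, e.g. a wrapper `$db->sql_escape($username)` (name illustrative) applied at each quoted interpolation. The same pattern recurs in login.php (line 49), every posting.php hunk, and search.php (lines 229, 241, 253), so one helper would replace all of them and make a missed call site easy to grep for.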
Index: login.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/login.php,v
retrieving revision 1.36
retrieving revision 1.37
diff -C2 -r1.36 -r1.37
*** login.php 2001/12/05 00:20:52 1.36
--- login.php 2001/12/21 15:51:31 1.37
***************
*** 50,54 ****
$sql = "SELECT user_id, username, user_password, user_active, user_level
FROM ".USERS_TABLE."
! WHERE username = '$username'";
$result = $db->sql_query($sql);
if(!$result)
--- 50,54 ----
$sql = "SELECT user_id, username, user_password, user_active, user_level
FROM ".USERS_TABLE."
! WHERE username = '" . str_replace("\'", "''", $username) . "'";
$result = $db->sql_query($sql);
if(!$result)
Index: posting.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/posting.php,v
retrieving revision 1.130
retrieving revision 1.131
diff -C2 -r1.130 -r1.131
*** posting.php 2001/12/19 16:59:44 1.130
--- posting.php 2001/12/21 15:51:31 1.131
***************
*** 281,285 ****
$synonym_array = @file($phpbb_root_path . "language/lang_" . $board_config['default_lang'] . "/search_synonyms.txt");
- // 0.3s
$search_text = clean_words($post_text, $stopword_array, $synonym_array);
$search_matches = split_words($search_text);
--- 281,284 ----
***************
*** 372,385 ****
}
- /*
- $mtime = explode(" ",microtime());
- $starttime = $mtime[1] + $mtime[0];
-
- $mtime = explode(" ", microtime());
- $endtime = $mtime[1] + $mtime[0];
- echo "<BR><BR> TIMING1 >>>>>>>>> " . ($endtime - $starttime) . "<BR><BR>\n";
-
- */
-
remove_common(0.15, $word_id_list);
--- 371,374 ----
***************
*** 1205,1209 ****
{
$sql = "INSERT INTO " . TOPICS_TABLE . " (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type, topic_vote)
! VALUES ('$post_subject', " . $userdata['user_id'] . ", $current_time, $forum_id, " . TOPIC_UNLOCKED . ", $topic_type, $topic_vote)";
if( $result = $db->sql_query($sql, BEGIN_TRANSACTION) )
--- 1194,1198 ----
{
$sql = "INSERT INTO " . TOPICS_TABLE . " (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type, topic_vote)
! VALUES ('" . str_replace("\'", "''", $post_subject) . "', " . $userdata['user_id'] . ", $current_time, $forum_id, " . TOPIC_UNLOCKED . ", $topic_type, $topic_vote)";
if( $result = $db->sql_query($sql, BEGIN_TRANSACTION) )
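Review bot: The quote-doubling at line 91 covers only `$post_subject`; `$topic_type`, `$topic_vote` and `$forum_id` are interpolated unquoted into the same INSERT, where a string transform cannot help and only a numeric coercion can. Whether they are already cast to integers before this point is not visible in the hunk; if not, applying `intval()` where they are read from the request is the fix, and a comment such as `// $topic_type, $topic_vote, $forum_id are ints, cast at intake` at line 90 would record the assumption. The same unquoted-integer interpolation appears in the hunks at lines 103, 116, 126, 147, 159, 172 and 182 (`$poll_length`, `$poll_option_id`, `$post_id`, `$topic_id`, `$vote_result`). The enclosing block starts before the hunk.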
***************
*** 1222,1226 ****
{
$sql = "INSERT INTO " . VOTE_DESC_TABLE . " (topic_id, vote_text, vote_start, vote_length)
! VALUES ($new_topic_id, '$poll_title', $current_time, " . ( $poll_length * 86400 ) . ")";
if( $result = $db->sql_query($sql) )
{
--- 1211,1215 ----
{
$sql = "INSERT INTO " . VOTE_DESC_TABLE . " (topic_id, vote_text, vote_start, vote_length)
! VALUES ($new_topic_id, '" . str_replace("\'", "''", $poll_title) . "', $current_time, " . ( $poll_length * 86400 ) . ")";
if( $result = $db->sql_query($sql) )
{
***************
*** 1231,1235 ****
{
$sql = "INSERT INTO " . VOTE_RESULTS_TABLE . " (vote_id, vote_option_id, vote_option_text, vote_result)
! VALUES ($new_vote_id, $poll_option_id, '$option_text', 0)";
if( !$result = $db->sql_query($sql) )
{
--- 1220,1224 ----
{
$sql = "INSERT INTO " . VOTE_RESULTS_TABLE . " (vote_id, vote_option_id, vote_option_text, vote_result)
! VALUES ($new_vote_id, $poll_option_id, '" . str_replace("\'", "''", $option_text) . "', 0)";
if( !$result = $db->sql_query($sql) )
{
***************
*** 1268,1272 ****
$sql = "INSERT INTO " . POSTS_TABLE . " (topic_id, forum_id, poster_id, post_username, post_time, poster_ip, enable_bbcode, enable_html, enable_smilies, enable_sig)
! VALUES ($new_topic_id, $forum_id, " . $userdata['user_id'] . ", '$post_username', $current_time, '$user_ip', $bbcode_on, $html_on, $smilies_on, $attach_sig)";
$result = ($mode == "reply") ? $db->sql_query($sql, BEGIN_TRANSACTION) : $db->sql_query($sql);
--- 1257,1261 ----
$sql = "INSERT INTO " . POSTS_TABLE . " (topic_id, forum_id, poster_id, post_username, post_time, poster_ip, enable_bbcode, enable_html, enable_smilies, enable_sig)
! VALUES ($new_topic_id, $forum_id, " . $userdata['user_id'] . ", '" . str_replace("\'", "''", $post_username) . "', $current_time, '$user_ip', $bbcode_on, $html_on, $smilies_on, $attach_sig)";
$result = ($mode == "reply") ? $db->sql_query($sql, BEGIN_TRANSACTION) : $db->sql_query($sql);
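Review bot: `$user_ip` at line 126 and `$bbcode_uid` at lines 135 and 146 are still interpolated into quoted SQL literals without the new transform, while `$post_username` beside them gets it. If both values are generated server-side that is fine, but the hunk does not show it; a comment at line 125 such as `// $user_ip and $bbcode_uid are server-generated, not request input` would make the exemption deliberate rather than an oversight, and if either can originate from the request it needs the same escaping as `$post_username`. The enclosing block starts and ends outside the hunk.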
***************
*** 1276,1280 ****
$sql = "INSERT INTO " . POSTS_TEXT_TABLE . " (post_id, post_subject, bbcode_uid, post_text)
! VALUES ($new_post_id, '$post_subject', '$bbcode_uid', '$post_message')";
if( $db->sql_query($sql) )
--- 1265,1269 ----
$sql = "INSERT INTO " . POSTS_TEXT_TABLE . " (post_id, post_subject, bbcode_uid, post_text)
! VALUES ($new_post_id, '" . str_replace("\'", "''", $post_subject) . "', '$bbcode_uid', '" . str_replace("\'", "''", $post_message) . "')";
if( $db->sql_query($sql) )
***************
*** 1905,1909 ****
{
$sql = "UPDATE " . POSTS_TEXT_TABLE . "
! SET post_text = '$post_message', bbcode_uid = '$bbcode_uid', post_subject = '$post_subject'
WHERE post_id = $post_id";
--- 1894,1898 ----
{
$sql = "UPDATE " . POSTS_TEXT_TABLE . "
! SET post_text = '" . str_replace("\'", "''", $post_message) . "', bbcode_uid = '$bbcode_uid', post_subject = '" . str_replace("\'", "''", $post_subject) . "'
WHERE post_id = $post_id";
***************
*** 1919,1923 ****
//
$sql = "UPDATE " . TOPICS_TABLE . "
! SET topic_title = '$post_subject', topic_type = $topic_type" . $sql_topic_vote_edit . "
WHERE topic_id = $topic_id";
if($db->sql_query($sql, END_TRANSACTION))
--- 1908,1912 ----
//
$sql = "UPDATE " . TOPICS_TABLE . "
! SET topic_title = '" . str_replace("\'", "''", $post_subject) . "', topic_type = $topic_type" . $sql_topic_vote_edit . "
WHERE topic_id = $topic_id";
if($db->sql_query($sql, END_TRANSACTION))
***************
*** 1951,1955 ****
//
$sql = "UPDATE " . VOTE_DESC_TABLE . "
! SET vote_text = '$poll_title', vote_length = " . ( $poll_length * 86400 ) . "
WHERE topic_id = $topic_id";
if( $result = $db->sql_query($sql, BEGIN_TRANSACTION) )
--- 1940,1944 ----
//
$sql = "UPDATE " . VOTE_DESC_TABLE . "
! SET vote_text = '" . str_replace("\'", "''", $poll_title) . "', vote_length = " . ( $poll_length * 86400 ) . "
WHERE topic_id = $topic_id";
if( $result = $db->sql_query($sql, BEGIN_TRANSACTION) )
***************
*** 1965,1969 ****
$sql = "INSERT INTO " . VOTE_RESULTS_TABLE . " (vote_id, vote_option_id, vote_option_text, vote_result)
! VALUES ($vote_id, $poll_option_id, '$option_text', $vote_result)";
if( !$result = $db->sql_query($sql) )
{
--- 1954,1958 ----
$sql = "INSERT INTO " . VOTE_RESULTS_TABLE . " (vote_id, vote_option_id, vote_option_text, vote_result)
! VALUES ($vote_id, $poll_option_id, '" . str_replace("\'", "''", $option_text) . "', $vote_result)";
if( !$result = $db->sql_query($sql) )
{
***************
*** 1990,1994 ****
//
$sql = "INSERT INTO " . VOTE_DESC_TABLE . " (topic_id, vote_text, vote_start, vote_length)
! VALUES ($topic_id, '$poll_title', $current_time, " . ( $poll_length * 86400 ) . ")";
if( $result = $db->sql_query($sql, BEGIN_TRANSACTION) )
{
--- 1979,1983 ----
//
$sql = "INSERT INTO " . VOTE_DESC_TABLE . " (topic_id, vote_text, vote_start, vote_length)
! VALUES ($topic_id, '" . str_replace("\'", "''", $poll_title) . "', $current_time, " . ( $poll_length * 86400 ) . ")";
if( $result = $db->sql_query($sql, BEGIN_TRANSACTION) )
{
***************
*** 1999,2003 ****
{
$sql = "INSERT INTO " . VOTE_RESULTS_TABLE . " (vote_id, vote_option_id, vote_option_text, vote_result)
! VALUES ($new_vote_id, $poll_option_id, '$option_text', 0)";
if( !$result = $db->sql_query($sql) )
{
--- 1988,1992 ----
{
$sql = "INSERT INTO " . VOTE_RESULTS_TABLE . " (vote_id, vote_option_id, vote_option_text, vote_result)
! VALUES ($new_vote_id, $poll_option_id, '" . str_replace("\'", "''", $option_text) . "', 0)";
if( !$result = $db->sql_query($sql) )
{
Index: search.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/search.php,v
retrieving revision 1.50
retrieving revision 1.51
diff -C2 -r1.50 -r1.51
*** search.php 2001/12/20 01:25:00 1.50
--- search.php 2001/12/21 15:51:31 1.51
***************
*** 295,299 ****
$sql = "SELECT user_id
FROM ".USERS_TABLE."
! WHERE username LIKE '$query_author'";
$result = $db->sql_query($sql);
if( !$result )
--- 295,299 ----
$sql = "SELECT user_id
FROM ".USERS_TABLE."
! WHERE username LIKE '" . str_replace("\'", "''", $query_author) . "'";
$result = $db->sql_query($sql);
if( !$result )
***************
*** 508,512 ****
if( $query_author != "" )
{
! $query_author = str_replace("*", "%", trim($query_author));
}
--- 508,512 ----
if( $query_author != "" )
{
! $query_author = str_replace("*", "%", trim(str_replace("\'", "''", $query_author)));
}
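Review bot: Line 241 escapes `$query_author` in place and stores the result back in the variable, while line 229 escapes the same variable again inline at query time; if both run on one request, each apostrophe becomes four, and any later non-SQL use of `$query_author` (the echoed search form, or `$result_array` at line 253 if the author is stored in it) carries the doubled quote as data. Keeping the transform at the query boundary only (line 229) and reverting line 241 to `$query_author = str_replace("*", "%", trim($query_author));` avoids both problems. Which of the two statements executes first is not visible here, so confirm against the file's control flow. Separately, a literal `_` or `%` in the author name still acts as a LIKE wildcard after this line; if exact-character matching is intended those need escaping too, which the quote change does not address.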
***************
*** 735,739 ****
{
$sql = "INSERT INTO " . SEARCH_TABLE . " (search_id, session_id, search_array)
! VALUES($search_id, '" . $userdata['session_id'] . "', '$result_array')";
if( !$result = $db->sql_query($sql) )
{
--- 735,739 ----
{
$sql = "INSERT INTO " . SEARCH_TABLE . " (search_id, session_id, search_array)
! VALUES($search_id, '" . $userdata['session_id'] . "', '" . str_replace("\'", "''", $result_array) . "')";
if( !$result = $db->sql_query($sql) )
{