From: Benjamin C. <bc...@us...> - 2005-05-28 18:12:00
Update of /cvsroot/phpbt/phpbt
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv10524
Modified Files:
attachment.php bug.php
Log Message:
Added some query quoting
Index: attachment.php
===================================================================
RCS file: /cvsroot/phpbt/phpbt/attachment.php,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- attachment.php 25 Oct 2004 12:39:56 -0000 1.23
+++ attachment.php 28 May 2005 18:11:52 -0000 1.24
@@ -28,7 +28,7 @@
 global $db;
 if (list($filename, $mimetype) = grab_attachment($attachid)) {
- $db->query("delete from ".TBL_ATTACHMENT." where attachment_id = $attachid");
+ $db->query("delete from ".TBL_ATTACHMENT." where attachment_id = ".$db->quote($attachid));
 unlink($filename);
 header("Location: {$_SERVER['HTTP_REFERER']}");
 }
@@ -86,7 +86,7 @@
 }
 // Check for a previously-uploaded attachment with the same name, bug, and project
- $rs = $db->query("select a.bug_id, project_id from ".TBL_ATTACHMENT." a, ".TBL_BUG." b where file_name = '{$_FILES['attachment']['name']}' and a.bug_id = b.bug_id");
+ $rs = $db->query("select a.bug_id, project_id from ".TBL_ATTACHMENT." a, ".TBL_BUG." b where file_name = ".$db->quote($_FILES['attachment']['name'])." and a.bug_id = b.bug_id");
 while ($rs->fetchInto($ainfo)) {
 if ($bugid == $ainfo['bug_id'] && $projectid == $ainfo['project_id']) {
 show_attachment_form($bugid, translate("That attachment already exists for this bug"));
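Review bot: Two lines below the newly quoted delete, `header("Location: {$_SERVER['HTTP_REFERER']}");` sends the browser to whatever Referer the client chose to send, so a forged request turns the delete handler into an open redirect (and, on PHP builds that do not strip CR/LF inside header(), a response-splitting point). Redirect to a fixed application URL derived from the attachment's own bug instead, with a known fallback page when no Referer is present. Quoting `$attachid` closes the injection, but since it is a numeric key `(int)$attachid` states the contract more directly than relying on the driver's handling of numerics. Nothing in the hunk shows an ownership or POST check before the delete and unlink; that may live in the enclosing function, which starts before the hunk.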
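Review bot: `$_FILES['attachment']['name']` is now quoted correctly for the SQL lookup, but it stays a client-chosen string, and the duplicate check is only meaningful if exactly that string is what the file is later stored under — the hunk does not show how the on-disk name is derived, so confirm both paths use the same value, and pass it through `basename()` before either use so a path separator never reaches the filesystem. The comparison `$bugid == $ainfo['bug_id'] && $projectid == $ainfo['project_id']` relies on loose equality; casting `$bugid` and `$projectid` to `(int)` where they are read makes the intended type explicit. `fetchInto($ainfo)` followed by `$ainfo['bug_id']` also assumes an associative fetch mode was configured elsewhere, which cannot be verified from here. The enclosing upload handler starts before the hunk.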
@@ -119,7 +119,7 @@
 }
 @chmod("$filepath/$projectid/$filename", 0766);
- $db->query("insert into ".TBL_ATTACHMENT." (attachment_id, bug_id, file_name, description, file_size, mime_type, created_by, created_date) values (".join(', ', array($db->nextId(TBL_ATTACHMENT), $bugid, $db->quote($_FILES['attachment']['name']), $db->quote(stripslashes($description)), $_FILES['attachment']['size'], $db->quote($_FILES['attachment']['type']), $u, $now)).")");
+ $db->query("insert into ".TBL_ATTACHMENT." (attachment_id, bug_id, file_name, description, file_size, mime_type, created_by, created_date) values (".join(', ', array($db->nextId(TBL_ATTACHMENT), $db->quote($bugid), $db->quote($_FILES['attachment']['name']), $db->quote(stripslashes($description)), $db->quote($_FILES['attachment']['size']), $db->quote($_FILES['attachment']['type']), $u, $now)).")");
 if ($_POST['use_js']) {
 $t->render('admin/edit-submit.html');
Index: bug.php
===================================================================
RCS file: /cvsroot/phpbt/phpbt/bug.php,v
retrieving revision 1.137
retrieving revision 1.138
diff -u -r1.137 -r1.138
--- bug.php 22 Jan 2005 16:03:48 -0000 1.137
+++ bug.php 28 May 2005 18:11:52 -0000 1.138
@@ -39,7 +39,7 @@
 global $u, $db, $now;
 // Check to see if the user already voted on this bug
- if ($db->getOne("select count(*) from ".TBL_BUG_VOTE." where bug_id = $bug_id and user_id = $u")) {
+ if ($db->getOne("select count(*) from ".TBL_BUG_VOTE." where bug_id = ".$db->quote($bug_id)." and user_id = $u")) {
 show_bug($bug_id, array('vote' => translate("You have already voted for this bug")));
 return;
 }
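Review bot: The context line directly above the rewritten insert, `@chmod("$filepath/$projectid/$filename", 0766);`, leaves every stored attachment writable by group and world, so any other local account on the host can replace an upload's contents, and the `@` hides a failed chmod; a file that is only read back by the web server needs no more than `chmod("$filepath/$projectid/$filename", 0644);`. In the new insert `$bugid` and the size are now quoted while `$u` and `$now` still go in raw — presumably session and time values, but quoting them as well keeps the statement uniformly parameterised. `$_FILES['attachment']['type']` is stored verbatim as mime_type; if it is later replayed as the Content-Type when the file is served, a client can label an HTML upload text/html and obtain stored XSS — the serving path is not in this hunk, so confirm it whitelists the type. The enclosing function starts before the hunk.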
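Review bot: In the rewritten existence check `user_id = $u` is still interpolated raw while `$bug_id` is now quoted; `$u` presumably comes from the session, but quoting it too, `... and user_id = ".$db->quote($u)`, keeps the query uniformly parameterised and survives a future change in where `$u` is sourced. The count-then-insert pattern is also not atomic — two concurrent requests from the same user both see zero here and both insert later — so a unique key on (bug_id, user_id), or checking the insert's affected rows, is the robust guard against double voting. The enclosing function starts before the hunk.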
@@ -51,17 +51,17 @@
 }
 // Record the vote
- $db->query("insert into ".TBL_BUG_VOTE." (user_id, bug_id, created_date) values ($u, $bug_id, $now)");
+ $db->query("insert into ".TBL_BUG_VOTE." (user_id, bug_id, created_date) values ($u, ".$db->quote($bug_id).", $now)");
 // Proceed only if promoting by votes is turned on
 if (PROMOTE_VOTES) {
 // Has this bug already been promoted?
- $bug_is_new = $db->getOne("select count(*) from ".TBL_BUG." b, ".TBL_STATUS." s where bug_id = $bug_id and b.status_id = s.status_id and status_name = 'New'");
+ $bug_is_new = $db->getOne("select count(*) from ".TBL_BUG." b, ".TBL_STATUS." s where bug_id = ".$db->quote($bug_id)." and b.status_id = s.status_id and status_name = 'New'");
 // If a number of votes are required to promote a bug, check for promotion
- if (!$bug_is_new and $db->getOne("select count(*) from ".TBL_BUG_VOTE." where bug_id = $bug_id") == PROMOTE_VOTES) {
+ if (!$bug_is_new and $db->getOne("select count(*) from ".TBL_BUG_VOTE." where bug_id = ".$db->quote($bug_id)) == PROMOTE_VOTES) {
 $status_id = BUG_PROMOTED;
- $buginfo = $db->getOne("select * from ".TBL_BUG." where bug_id = $bug_id");
+ $buginfo = $db->getOne("select * from ".TBL_BUG." where bug_id = ".$db->quote($bug_id));
 $changedfields = array('status_id' => $status_id);
 do_changedfields($u, $buginfo, $changedfields);
 }
@@ -106,7 +106,7 @@
 return;
 }
- $t->assign('history', $db->getAll(sprintf($QUERY['bug-history'], $bugid)));
+ $t->assign('history', $db->getAll(sprintf($QUERY['bug-history'], $db->quote($bugid))));
 $t->render('bughistory.html', translate("Bug History"));
 }
|
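Review bot: On the rewritten line `$buginfo = $db->getOne("select * from ".TBL_BUG." where bug_id = ".$db->quote($bug_id));`, if `$db` is PEAR DB then getOne() returns only the first column of the first row, so `do_changedfields($u, $buginfo, $changedfields)` receives a scalar rather than the bug record; `getRow()` looks like the intended call, `$buginfo = $db->getRow("select * from ".TBL_BUG." where bug_id = ".$db->quote($bug_id));` — confirm against what do_changedfields expects. The promotion test compares the vote count with `== PROMOTE_VOTES`, so a bug whose count moves past the threshold without landing exactly on it is never promoted; `>=` is the safer comparison. The `!$bug_is_new` guard also reads as the inverse of its comment ("Has this bug already been promoted?"); promoting only bugs that are not 'New' may be intentional, but a clarifying comment would settle it.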
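Review bot: `sprintf($QUERY['bug-history'], $db->quote($bugid))` now passes a value that already carries its surrounding quotes, so the result is only correct if the format string uses `%s`; with a `%d` placeholder the quoted string converts to 0 and the history silently comes back empty. `$QUERY['bug-history']` is not visible here, so confirm the placeholder, or sidestep the question by casting instead: `$db->getAll(sprintf($QUERY['bug-history'], (int)$bugid))` paired with a `%d` placeholder. The enclosing function starts before the hunk.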