Menu
▾
▴
[phpwiki-checkins] SF.net SVN: phpwiki:[7209] trunk/lib
|
From: <ru...@us...> - 2009-10-13 07:46:31
|
Revision: 7209
http://phpwiki.svn.sourceforge.net/phpwiki/?rev=7209&view=rev
Author: rurban
Date: 2009-10-13 07:46:22 +0000 (Tue, 13 Oct 2009)
Log Message:
-----------
Revert r7194
Properly fix "limit" database injection.
limit mostly has a "," It is encoded as [offset,]count
Modified Paths:
--------------
trunk/lib/PageList.php
trunk/lib/WikiDB/backend.php
trunk/lib/plugin/AllPages.php
trunk/lib/plugin/AllUsers.php
trunk/lib/plugin/BackLinks.php
trunk/lib/plugin/FullTextSearch.php
trunk/lib/plugin/LikePages.php
trunk/lib/plugin/LinkDatabase.php
trunk/lib/plugin/LinkSearch.php
trunk/lib/plugin/ListPages.php
trunk/lib/plugin/ListRelations.php
trunk/lib/plugin/ListSubpages.php
trunk/lib/plugin/MostPopular.php
trunk/lib/plugin/RandomPage.php
trunk/lib/plugin/RecentReferrers.php
trunk/lib/plugin/SemanticSearch.php
trunk/lib/plugin/SemanticSearchAdvanced.php
trunk/lib/plugin/TitleSearch.php
trunk/lib/plugin/UnfoldSubpages.php
trunk/lib/plugin/WantedPages.php
trunk/lib/plugin/WikiAdminSelect.php
Modified: trunk/lib/PageList.php
===================================================================
--- trunk/lib/PageList.php 2009-10-13 06:58:34 UTC (rev 7208)
+++ trunk/lib/PageList.php 2009-10-13 07:46:22 UTC (rev 7209)
@@ -1359,11 +1359,26 @@
}
function limit($limit) {
- if (is_array($limit)) return $limit;
- if (strstr($limit, ','))
- return split(',', $limit);
- else
+ if (is_array($limit)) {
+ list($from, $count) = $limit;
+ if ((!empty($from) && !is_numeric($from)) or (!empty($count) && !is_numeric($count))) {
+ return $this->error(_("Illegal 'limit' argument: must be numeric"));
+ }
+ return $limit;
+ }
+ if (strstr($limit, ',')) {
+ list($from, $limit) = split(',', $limit);
+ if ((!empty($from) && !is_numeric($from)) or (!empty($limit) && !is_numeric($limit))) {
+ return $this->error(_("Illegal 'limit' argument: must be numeric"));
+ }
+ return array($from, $limit);
+ }
+ else {
+ if (!empty($limit) && !is_numeric($limit)) {
+ return $this->error(_("Illegal 'limit' argument: must be numeric"));
+ }
return array(0, $limit);
+ }
}
function pagingTokens($numrows = false, $ncolumns = false, $limit = false) {
Modified: trunk/lib/WikiDB/backend.php
===================================================================
--- trunk/lib/WikiDB/backend.php 2009-10-13 06:58:34 UTC (rev 7208)
+++ trunk/lib/WikiDB/backend.php 2009-10-13 07:46:22 UTC (rev 7209)
@@ -524,10 +524,19 @@
* list($offset,$count) = $this->limit($args['limit']);
*/
function limit($limit) {
- if (strstr($limit, ','))
- return split(',', $limit);
- else
+ if (strstr($limit, ',')) {
+ list($from, $limit) = split(',', $limit);
+ if ((!empty($from) && !is_numeric($from)) or (!empty($limit) && !is_numeric($limit))) {
+ return $this->error(_("Illegal 'limit' argument: must be numeric"));
+ }
+ return array($from, $limit);
+ }
+ else {
+ if (!empty($limit) && !is_numeric($limit)) {
+ return $this->error(_("Illegal 'limit' argument: must be numeric"));
+ }
return array(0, $limit);
+ }
}
/**
Modified: trunk/lib/plugin/AllPages.php
===================================================================
--- trunk/lib/plugin/AllPages.php 2009-10-13 06:58:34 UTC (rev 7208)
+++ trunk/lib/plugin/AllPages.php 2009-10-13 07:46:22 UTC (rev 7209)
@@ -66,10 +66,6 @@
function run($dbi, $argstr, $request, $basepage) {
$args = $this->getArgs($argstr, $request);
- if (!empty($args['limit']) && !is_numeric($args['limit'])) {
- return $this->error(_("Illegal 'limit' argument: must be numeric"));
- }
-
$pages = false;
// Todo: extend given _GET args
if (defined('DEBUG') && DEBUG && $args['debug']) {
Modified: trunk/lib/plugin/AllUsers.php
===================================================================
--- trunk/lib/plugin/AllUsers.php 2009-10-13 06:58:34 UTC (rev 7208)
+++ trunk/lib/plugin/AllUsers.php 2009-10-13 07:46:22 UTC (rev 7209)
@@ -67,10 +67,6 @@
function run($dbi, $argstr, &$request, $basepage) {
$args = $this->getArgs($argstr, $request);
- if (!empty($args['limit']) && !is_numeric($args['limit'])) {
- return $this->error(_("Illegal 'limit' argument: must be numeric"));
- }
-
extract($args);
if (defined('DEBUG') && DEBUG && $debug) {
$timer = new DebugTimer;
Modified: trunk/lib/plugin/BackLinks.php
===================================================================
--- trunk/lib/plugin/BackLinks.php 2009-10-13 06:58:34 UTC (rev 7208)
+++ trunk/lib/plugin/BackLinks.php 2009-10-13 07:46:22 UTC (rev 7209)
@@ -60,10 +60,6 @@
function run($dbi, $argstr, &$request, $basepage) {
$args = $this->getArgs($argstr, $request);
- if (!empty($args['limit']) && !is_numeric($args['limit'])) {
- return $this->error(_("Illegal 'limit' argument: must be numeric"));
- }
-
extract($args);
if (empty($page) and $page != '0')
return '';
Modified: trunk/lib/plugin/FullTextSearch.php
===================================================================
--- trunk/lib/plugin/FullTextSearch.php 2009-10-13 06:58:34 UTC (rev 7208)
+++ trunk/lib/plugin/FullTextSearch.php 2009-10-13 07:46:22 UTC (rev 7209)
@@ -73,10 +73,6 @@
$args = $this->getArgs($argstr, $request);
- if (!empty($args['limit']) && !is_numeric($args['limit'])) {
- return $this->error(_("Illegal 'limit' argument: must be numeric"));
- }
-
if (empty($args['s'])) {
return HTML();
}
Modified: trunk/lib/plugin/LikePages.php
===================================================================
--- trunk/lib/plugin/LikePages.php 2009-10-13 06:58:34 UTC (rev 7208)
+++ trunk/lib/plugin/LikePages.php 2009-10-13 07:46:22 UTC (rev 7209)
@@ -59,10 +59,6 @@
function run($dbi, $argstr, &$request, $basepage) {
$args = $this->getArgs($argstr, $request);
- if (!empty($args['limit']) && !is_numeric($args['limit'])) {
- return $this->error(_("Illegal 'limit' argument: must be numeric"));
- }
-
extract($args);
if (empty($page) && empty($prefix) && empty($suffix))
return '';
Modified: trunk/lib/plugin/LinkDatabase.php
===================================================================
--- trunk/lib/plugin/LinkDatabase.php 2009-10-13 06:58:34 UTC (rev 7208)
+++ trunk/lib/plugin/LinkDatabase.php 2009-10-13 07:46:22 UTC (rev 7209)
@@ -76,10 +76,6 @@
global $WikiTheme;
$args = $this->getArgs($argstr, $request);
- if (!empty($args['limit']) && !is_numeric($args['limit'])) {
- return $this->error(_("Illegal 'limit' argument: must be numeric"));
- }
-
$caption = _("All pages with all links in this wiki (%d total):");
if ( !empty($args['owner']) ) {
Modified: trunk/lib/plugin/LinkSearch.php
===================================================================
--- trunk/lib/plugin/LinkSearch.php 2009-10-13 06:58:34 UTC (rev 7208)
+++ trunk/lib/plugin/LinkSearch.php 2009-10-13 07:46:22 UTC (rev 7209)
@@ -130,10 +130,6 @@
global $WikiTheme;
$args = $this->getArgs($argstr, $request);
- if (!empty($args['limit']) && !is_numeric($args['limit'])) {
- return $this->error(_("Illegal 'limit' argument: must be numeric"));
- }
-
if (empty($args['page']))
$args['page'] = "*";
$form = $this->showForm($dbi, $request, $args);
Modified: trunk/lib/plugin/ListPages.php
===================================================================
--- trunk/lib/plugin/ListPages.php 2009-10-13 06:58:34 UTC (rev 7208)
+++ trunk/lib/plugin/ListPages.php 2009-10-13 07:46:22 UTC (rev 7209)
@@ -68,10 +68,6 @@
function run($dbi, $argstr, &$request, $basepage) {
$args = $this->getArgs($argstr, $request);
- if (!empty($args['limit']) && !is_numeric($args['limit'])) {
- return $this->error(_("Illegal 'limit' argument: must be numeric"));
- }
-
extract($args);
// If the ratings table does not exist, or on dba it will break otherwise.
// Check if WikiTheme isa 'wikilens'
Modified: trunk/lib/plugin/ListRelations.php
===================================================================
--- trunk/lib/plugin/ListRelations.php 2009-10-13 06:58:34 UTC (rev 7208)
+++ trunk/lib/plugin/ListRelations.php 2009-10-13 07:46:22 UTC (rev 7209)
@@ -50,11 +50,6 @@
}
function run ($dbi, $argstr, &$request, $basepage) {
$args = $this->getArgs($argstr, $request);
-
- if (!empty($args['limit']) && !is_numeric($args['limit'])) {
- return $this->error(_("Illegal 'limit' argument: must be numeric"));
- }
-
extract($args);
$pagelist = new PageList($info, $exclude, $args);
// should attributes be listed as pagename here?
Modified: trunk/lib/plugin/ListSubpages.php
===================================================================
--- trunk/lib/plugin/ListSubpages.php 2009-10-13 06:58:34 UTC (rev 7208)
+++ trunk/lib/plugin/ListSubpages.php 2009-10-13 07:46:22 UTC (rev 7209)
@@ -61,11 +61,6 @@
function run($dbi, $argstr, &$request, $basepage) {
$args = $this->getArgs($argstr, $request);
-
- if (!empty($args['limit']) && !is_numeric($args['limit'])) {
- return $this->error(_("Illegal 'limit' argument: must be numeric"));
- }
-
if ($args['basepage'])
$pagename = $args['basepage'];
else
Modified: trunk/lib/plugin/MostPopular.php
===================================================================
--- trunk/lib/plugin/MostPopular.php 2009-10-13 06:58:34 UTC (rev 7208)
+++ trunk/lib/plugin/MostPopular.php 2009-10-13 07:46:22 UTC (rev 7209)
@@ -60,11 +60,6 @@
function run($dbi, $argstr, &$request, $basepage) {
$args = $this->getArgs($argstr, $request);
-
- if (!empty($args['limit']) && !is_numeric($args['limit'])) {
- return $this->error(_("Illegal 'limit' argument: must be numeric"));
- }
-
extract($args);
if (strstr($sortby,'mtime')) {
trigger_error(_("sortby=mtime not supported with MostPopular"),
Modified: trunk/lib/plugin/RandomPage.php
===================================================================
--- trunk/lib/plugin/RandomPage.php 2009-10-13 06:58:34 UTC (rev 7208)
+++ trunk/lib/plugin/RandomPage.php 2009-10-13 07:46:22 UTC (rev 7209)
@@ -56,11 +56,6 @@
function run($dbi, $argstr, &$request, $basepage) {
$args = $this->getArgs($argstr, $request);
-
- if (!empty($args['limit']) && !is_numeric($args['limit'])) {
- return $this->error(_("Illegal 'limit' argument: must be numeric"));
- }
-
extract($args);
// fix deprecated arg
Modified: trunk/lib/plugin/RecentReferrers.php
===================================================================
--- trunk/lib/plugin/RecentReferrers.php 2009-10-13 06:58:34 UTC (rev 7208)
+++ trunk/lib/plugin/RecentReferrers.php 2009-10-13 07:46:22 UTC (rev 7209)
@@ -38,11 +38,6 @@
return HTML::div(array('class' => "error"), "Error: no ACCESS_LOG");
}
$args = $this->getArgs($argstr, $request);
-
- if (!empty($args['limit']) && !is_numeric($args['limit'])) {
- return $this->error(_("Illegal 'limit' argument: must be numeric"));
- }
-
$table = HTML::table(array('cellpadding' => 1,
'cellspacing' => 2,
'border' => 0,
Modified: trunk/lib/plugin/SemanticSearch.php
===================================================================
--- trunk/lib/plugin/SemanticSearch.php 2009-10-13 06:58:34 UTC (rev 7208)
+++ trunk/lib/plugin/SemanticSearch.php 2009-10-13 07:46:22 UTC (rev 7209)
@@ -276,11 +276,6 @@
$this->_supported_operators = array(':=','<','<=','>','>=','!=','==','=~');
$this->_text_operators = array(':=','==','=~','!=');
$args = $this->getArgs($argstr, $request);
-
- if (!empty($args['limit']) && !is_numeric($args['limit'])) {
- return $this->error(_("Illegal 'limit' argument: must be numeric"));
- }
-
if (empty($args['page']))
$args['page'] = "*";
if (!isset($args['s'])) // it might be (integer) 0
Modified: trunk/lib/plugin/SemanticSearchAdvanced.php
===================================================================
--- trunk/lib/plugin/SemanticSearchAdvanced.php 2009-10-13 06:58:34 UTC (rev 7208)
+++ trunk/lib/plugin/SemanticSearchAdvanced.php 2009-10-13 07:46:22 UTC (rev 7209)
@@ -133,11 +133,6 @@
$this->_supported_operators = array(':=','<','<=','>','>=','!=','==','=~');
$args = $this->getArgs($argstr, $request);
-
- if (!empty($args['limit']) && !is_numeric($args['limit'])) {
- return $this->error(_("Illegal 'limit' argument: must be numeric"));
- }
-
$posted = $request->getArg('semsearch');
$request->setArg('semsearch', false);
if ($request->isPost() and isset($posted['help'])) {
Modified: trunk/lib/plugin/TitleSearch.php
===================================================================
--- trunk/lib/plugin/TitleSearch.php 2009-10-13 06:58:34 UTC (rev 7208)
+++ trunk/lib/plugin/TitleSearch.php 2009-10-13 07:46:22 UTC (rev 7209)
@@ -73,11 +73,6 @@
function run($dbi, $argstr, &$request, $basepage) {
$args = $this->getArgs($argstr, $request);
-
- if (!empty($args['limit']) && !is_numeric($args['limit'])) {
- return $this->error(_("Illegal 'limit' argument: must be numeric"));
- }
-
if (empty($args['s'])) {
return HTML();
}
Modified: trunk/lib/plugin/UnfoldSubpages.php
===================================================================
--- trunk/lib/plugin/UnfoldSubpages.php 2009-10-13 06:58:34 UTC (rev 7208)
+++ trunk/lib/plugin/UnfoldSubpages.php 2009-10-13 07:46:22 UTC (rev 7209)
@@ -82,11 +82,6 @@
if (!$included_pages) $included_pages = array($basepage);
$args = $this->getArgs($argstr, $request);
-
- if (!empty($args['limit']) && !is_numeric($args['limit'])) {
- return $this->error(_("Illegal 'limit' argument: must be numeric"));
- }
-
extract($args);
$query = new TextSearchQuery($pagename . SUBPAGE_SEPARATOR . '*', true, 'glob');
$subpages = $dbi->titleSearch($query, $sortby, $limit, $exclude);
Modified: trunk/lib/plugin/WantedPages.php
===================================================================
--- trunk/lib/plugin/WantedPages.php 2009-10-13 06:58:34 UTC (rev 7208)
+++ trunk/lib/plugin/WantedPages.php 2009-10-13 07:46:22 UTC (rev 7209)
@@ -62,11 +62,6 @@
// exclude arg allows multiple pagenames exclude=HomePage,RecentChanges
function run($dbi, $argstr, &$request, $basepage) {
$args = $this->getArgs($argstr, $request);
-
- if (!empty($args['limit']) && !is_numeric($args['limit'])) {
- return $this->error(_("Illegal 'limit' argument: must be numeric"));
- }
-
if (!empty($args['exclude_from']))
$args['exclude_from'] = is_string($args['exclude_from'])
? explodePageList($args['exclude_from'])
Modified: trunk/lib/plugin/WikiAdminSelect.php
===================================================================
--- trunk/lib/plugin/WikiAdminSelect.php 2009-10-13 06:58:34 UTC (rev 7208)
+++ trunk/lib/plugin/WikiAdminSelect.php 2009-10-13 07:46:22 UTC (rev 7209)
@@ -120,11 +120,6 @@
//if ($request->getArg('action') != 'browse')
// return $this->disabled("(action != 'browse')");
$args = $this->getArgs($argstr, $request);
-
- if (!empty($args['limit']) && !is_numeric($args['limit'])) {
- return $this->error(_("Illegal 'limit' argument: must be numeric"));
- }
-
$this->_args = $args;
extract($args);
$this->preSelectS($args, $request);
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
