improved escaping, thanks to stefan schurtz

Garvin Hicking 2012-04-22 16:13:58 +02:00
parent 66e86ba1cf
commit d8243ece6e
2 changed files with 15 additions and 3 deletions


@ -72,6 +72,18 @@ Version 1.7 ()
Version 1.6.1 ()
------------------------------------------------------------------------
* Improved escaping of backend plugin management for DB query
(Stefan Schurtz)
* Updated spamblock plugin to 1.78 & 1.79
changed wordfilter to function to check with 'verify_once'
to reject wordfilter signed spam comments before -
added in 1.79 killswitch check and serendipity_db_bool()
* fixed draft & future entries preview link in backend
* Fixed some possible errors with pdo db_begin/end_transaction()
* Fixed unneccessary preg_match notices in the statistics backend
* Fixed a possible problem where template-specific variables would


@ -526,7 +526,7 @@ class serendipity_plugin_api
$filename = serendipity_plugin_api::includePlugin($class_name, $pluginPath, $instance_id);
if (empty($filename) && !empty($instance_id)) {
// $serendipity['debug']['pluginload'][] = "No valid path/filename found.";
$sql = "SELECT path from {$serendipity['dbPrefix']}plugins WHERE name = '" . $instance_id . "'";
$sql = "SELECT path from {$serendipity['dbPrefix']}plugins WHERE name = '" . serendipity_db_escape_string($instance_id) . "'";
$plugdata = serendipity_db_query($sql, true, 'both', false, false, false, true);
if (is_array($plugdata) && isset($plugdata[0])) {
$pluginPath = $plugdata[0];
@ -590,7 +590,7 @@ class serendipity_plugin_api
if (!is_null($authorid)) {
$p->serendipity_owner = $authorid;
} else {
$sql = "SELECT authorid from {$serendipity['dbPrefix']}plugins WHERE name = '" . $instance_id . "'";
$sql = "SELECT authorid from {$serendipity['dbPrefix']}plugins WHERE name = '" . serendipity_db_escape_string($instance_id) . "'";
$owner = serendipity_db_query($sql, true);
if (is_array($owner) && isset($owner[0])) {
$p->serendipity_owner = $owner[0];
@ -1099,7 +1099,7 @@ class serendipity_plugin_api
$instance_id .= ':';
}
$existing = serendipity_db_query("SELECT name FROM {$serendipity['dbPrefix']}plugins WHERE name LIKE '%$instance_id%'");
$existing = serendipity_db_query("SELECT name FROM {$serendipity['dbPrefix']}plugins WHERE name LIKE '%" . serendipity_db_escape_string($instance_id) . "%'");
if (is_array($existing) && !empty($existing[0][0])) {
return $existing[0][0];