From 1235bab5276f8c56ed6ba9cff46563c143c3e240 Mon Sep 17 00:00:00 2001 From: Eric Date: Wed, 18 Nov 2009 20:07:20 +0000 Subject: Escape all login and username characters in database Display correctly usernames (I hope not to have made mistakes) git-svn-id: http://piwigo.org/svn/trunk@4304 68402e56-0260-453c-a942-63ccdbb3a9ee --- admin/comments.php | 2 +- admin/history.php | 2 +- admin/include/c13y_internal.class.php | 2 +- admin/include/functions.php | 2 +- admin/include/functions_notification_by_mail.inc.php | 12 ++++++------ admin/notification_by_mail.php | 10 +++++----- admin/rating.php | 2 +- admin/upload.php | 2 +- admin/user_list.php | 2 +- feed.php | 2 +- include/functions_comment.inc.php | 2 +- include/functions_mail.inc.php | 6 +++--- include/functions_user.inc.php | 16 ++++++++-------- include/menubar.inc.php | 2 +- include/picture_comment.inc.php | 6 +++--- include/ws_functions.inc.php | 8 ++++---- password.php | 2 +- profile.php | 2 +- upload.php | 4 ++-- 19 files changed, 43 insertions(+), 43 deletions(-) diff --git a/admin/comments.php b/admin/comments.php index cadc3dc67..d4fc89a66 100644 --- a/admin/comments.php +++ b/admin/comments.php @@ -160,7 +160,7 @@ while ($row = mysql_fetch_assoc($result)) } else { - $author_name = $row['username']; + $author_name = stripslashes($row['username']); } $template->append( 'comments', diff --git a/admin/history.php b/admin/history.php index 1560d428b..afc1712e1 100644 --- a/admin/history.php +++ b/admin/history.php @@ -259,7 +259,7 @@ SELECT '.$conf['user_fields']['id'].' AS id $username_of = array(); while ($row = mysql_fetch_assoc($result)) { - $username_of[$row['id']] = $row['username']; + $username_of[$row['id']] = stripslashes($row['username']); } } diff --git a/admin/include/c13y_internal.class.php b/admin/include/c13y_internal.class.php index c807ac24c..6402c6516 100644 --- a/admin/include/c13y_internal.class.php +++ b/admin/include/c13y_internal.class.php 
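Review bot: The new `$author_name = stripslashes($row['username']);` is one of the many read sites this commit patches by hand (admin/history.php, admin/rating.php, admin/upload.php, admin/user_list.php, feed.php, include/menubar.inc.php, password.php, profile.php and the notification files below), which only works as long as every present and future consumer of the username column remembers to strip it. The stored value apparently carries the backslashes (the admin/include/c13y_internal.class.php hunk writes `addslashes($name)` into the column), so a single missed site renders a name such as O\'Neil with its backslash. A less fragile shape is to unescape once where the row is fetched — e.g. the helper in admin/include/functions.php that now ends with `return stripslashes($username);` — or to store the raw value and escape only inside the SQL literal, so readers need no unescaping at all. Either way, a comment next to the column's write site stating which form is stored would help, since readers elsewhere cannot tell from the schema.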
@@ -195,7 +195,7 @@ class c13y_internal $inserts = array( array( 'id' => $id, - 'username' => $name, + 'username' => addslashes($name), 'password' => $password ), ); diff --git a/admin/include/functions.php b/admin/include/functions.php index f023a7a5d..d1e82f15f 100644 --- a/admin/include/functions.php +++ b/admin/include/functions.php @@ -2112,7 +2112,7 @@ SELECT '.$conf['user_fields']['username'].' return false; } - return $username; + return stripslashes($username); } function get_newsletter_subscribe_base_url($language) { diff --git a/admin/include/functions_notification_by_mail.inc.php b/admin/include/functions_notification_by_mail.inc.php index 11b9454f4..6a674c5e0 100644 --- a/admin/include/functions_notification_by_mail.inc.php +++ b/admin/include/functions_notification_by_mail.inc.php @@ -288,7 +288,7 @@ function inc_mail_sent_success($nbm_user) global $page, $env_nbm; $env_nbm['sent_mail_count'] += 1; - array_push($page['infos'], sprintf($env_nbm['msg_info'], $nbm_user['username'], $nbm_user['mail_address'])); + array_push($page['infos'], sprintf($env_nbm['msg_info'], stripslashes($nbm_user['username']), $nbm_user['mail_address'])); } /* @@ -301,7 +301,7 @@ function inc_mail_sent_failed($nbm_user) global $page, $env_nbm; $env_nbm['error_on_mail_count'] += 1; - array_push($page['errors'], sprintf($env_nbm['msg_error'], $nbm_user['username'], $nbm_user['mail_address'])); + array_push($page['errors'], sprintf($env_nbm['msg_error'], stripslashes($nbm_user['username']), $nbm_user['mail_address'])); } /* @@ -338,7 +338,7 @@ function assign_vars_nbm_mail_content($nbm_user) ( array ( - 'USERNAME' => $nbm_user['username'], + 'USERNAME' => stripslashes($nbm_user['username']), 'SEND_AS_NAME' => $env_nbm['send_as_name'], 
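Review bot: The escaping in `'username' => addslashes($name),` is done with addslashes(), while the include/functions_user.inc.php hunk in this same commit escapes a username for SQL with mysql_real_escape_string(), and the include/functions_comment.inc.php hunk again uses addslashes(). addslashes() only handles quotes, backslash and NUL and knows nothing about the connection charset, so the two styles can behave differently on multi-byte input; one escaping function, preferably the connection-aware one, should be used for every SQL literal built from a username. `'password' => $password` in the same array is passed through unescaped — if that is a generated hash this is fine, but a short comment saying so would spare the next reader the question. The enclosing method starts before the hunk.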
@@ -427,7 +427,7 @@ function do_subscribe_unsubscribe_notification_by_mail($is_admin_request, $is_su if (pwg_mail ( - format_email($nbm_user['username'], $nbm_user['mail_address']), + format_email(stripslashes($nbm_user['username']), $nbm_user['mail_address']), array ( 'from' => $env_nbm['send_as_mail_formated'], @@ -465,12 +465,12 @@ function do_subscribe_unsubscribe_notification_by_mail($is_admin_request, $is_su ) ); $updated_data_count += 1; - array_push($page['infos'], sprintf($msg_info, $nbm_user['username'], $nbm_user['mail_address'])); + array_push($page['infos'], sprintf($msg_info, stripslashes($nbm_user['username']), $nbm_user['mail_address'])); } else { $error_on_updated_data_count += 1; - array_push($page['errors'], sprintf($msg_error, $nbm_user['username'], $nbm_user['mail_address'])); + array_push($page['errors'], sprintf($msg_error, stripslashes($nbm_user['username']), $nbm_user['mail_address'])); } } diff --git a/admin/notification_by_mail.php b/admin/notification_by_mail.php index 11863b7f5..95aea99ae 100644 --- a/admin/notification_by_mail.php +++ b/admin/notification_by_mail.php @@ -175,7 +175,7 @@ order by $page['infos'], sprintf( l10n('nbm_user_x_added'), - $nbm_user['username'], + stripslashes($nbm_user['username']), get_email_address_as_display_text($nbm_user['mail_address']) ) ); @@ -388,7 +388,7 @@ function do_action_send_mail_notification($action = 'list_to_send', $check_key_l if (pwg_mail ( - format_email($nbm_user['username'], $nbm_user['mail_address']), + format_email(stripslashes($nbm_user['username']), $nbm_user['mail_address']), array ( 'from' => $env_nbm['send_as_mail_formated'], 
@@ -665,7 +665,7 @@ switch ($page['mode']) { if (get_boolean($nbm_user['enabled'])) { - $opt_true[ $nbm_user['check_key'] ] = $nbm_user['username'].'['.get_email_address_as_display_text($nbm_user['mail_address']).']'; + $opt_true[ $nbm_user['check_key'] ] = stripslashes($nbm_user['username']).'['.get_email_address_as_display_text($nbm_user['mail_address']).']'; if ((isset($_POST['falsify']) and isset($_POST['cat_true']) and in_array($nbm_user['check_key'], $_POST['cat_true']))) { $opt_true_selected[] = $nbm_user['check_key']; @@ -673,7 +673,7 @@ switch ($page['mode']) } else { - $opt_false[ $nbm_user['check_key'] ] = $nbm_user['username'].'['.get_email_address_as_display_text($nbm_user['mail_address']).']'; + $opt_false[ $nbm_user['check_key'] ] = stripslashes($nbm_user['username']).'['.get_email_address_as_display_text($nbm_user['mail_address']).']'; if (isset($_POST['trueify']) and isset($_POST['cat_false']) and in_array($nbm_user['check_key'], $_POST['cat_false'])) { $opt_false_selected[] = $nbm_user['check_key']; @@ -718,7 +718,7 @@ switch ($page['mode']) isset($_POST['send_selection']) and // not init !in_array($nbm_user['check_key'], $_POST['send_selection']) // not selected ) ? '' : 'checked="checked"', - 'USERNAME'=> $nbm_user['username'], + 'USERNAME'=> stripslashes($nbm_user['username']), 'EMAIL' => get_email_address_as_display_text($nbm_user['mail_address']), 'LAST_SEND'=> $nbm_user['last_send'] ); diff --git a/admin/rating.php b/admin/rating.php index da19b6b7a..99d703c72 100644 --- a/admin/rating.php +++ b/admin/rating.php @@ -96,7 +96,7 @@ SELECT '.$conf['user_fields']['username'].' as username, '.$conf['user_fields'][ $result = pwg_query($query); while ($row = mysql_fetch_assoc($result)) { - $users[$row['id']]=$row['username']; + $users[$row['id']]=stripslashes($row['username']); } diff --git a/admin/upload.php b/admin/upload.php index b36906778..94e526a35 100644 --- a/admin/upload.php +++ b/admin/upload.php 
@@ -177,7 +177,7 @@ while ( $row = mysql_fetch_assoc( $result ) ) (substr($row['file'], 0, 10)).'...' : $row['file'], 'PREVIEW_URL_IMG'=>$preview_url, 'UPLOAD_EMAIL'=>get_email_address_as_display_text($row['mail_address']), - 'UPLOAD_USERNAME'=>$row['username'] + 'UPLOAD_USERNAME'=>stripslashes($row['username']) ); // is there an existing associated thumnail ? diff --git a/admin/user_list.php b/admin/user_list.php index 73c1537bb..f679d95ce 100644 --- a/admin/user_list.php +++ b/admin/user_list.php @@ -702,7 +702,7 @@ foreach ($visible_user_list as $local_user) 'CHECKED' => $checked, 'U_PROFILE' => $profile_url.$local_user['id'], 'U_PERM' => $perm_url.$local_user['id'], - 'USERNAME' => $local_user['username'] + 'USERNAME' => stripslashes($local_user['username']) .($local_user['id'] == $conf['guest_id'] ? '
['.l10n('is_the_guest').']' : '') .($local_user['id'] == $conf['default_user_id'] diff --git a/feed.php b/feed.php index 1152902fe..cce6a1b1c 100644 --- a/feed.php +++ b/feed.php @@ -106,7 +106,7 @@ set_make_full_url(); $rss = new UniversalFeedCreator(); $rss->encoding=get_pwg_charset(); $rss->title = $conf['gallery_title']; -$rss->title.= ' (as '.$user['username'].')'; +$rss->title.= ' (as '.stripslashes($user['username']).')'; $rss->link = $conf['gallery_url']; diff --git a/include/functions_comment.inc.php b/include/functions_comment.inc.php index e7fbec7b7..aff7b9a35 100644 --- a/include/functions_comment.inc.php +++ b/include/functions_comment.inc.php @@ -99,7 +99,7 @@ function insert_user_comment( &$comm, $key, &$infos ) $query = ' SELECT COUNT(*) AS user_exists FROM '.USERS_TABLE.' - WHERE '.$conf['user_fields']['username']." = '".$comm['author']."'"; + WHERE '.$conf['user_fields']['username']." = '".addslashes($comm['author'])."'"; $row = mysql_fetch_assoc( pwg_query( $query ) ); if ( $row['user_exists'] == 1 ) { diff --git a/include/functions_mail.inc.php b/include/functions_mail.inc.php index 905ad3e70..50d342535 100644 --- a/include/functions_mail.inc.php +++ b/include/functions_mail.inc.php @@ -364,7 +364,7 @@ order by { $keyargs_content_admin_info = array ( - get_l10n_args('Connected user: %s', $user['username']), + get_l10n_args('Connected user: %s', stripslashes($user['username'])), get_l10n_args('IP: %s', $_SERVER['REMOTE_ADDR']), get_l10n_args('Browser: %s', $_SERVER['HTTP_USER_AGENT']) ); @@ -483,7 +483,7 @@ WHERE { if (!empty($row['mail_address'])) { - array_push($Bcc, format_email($row['username'], $row['mail_address'])); + array_push($Bcc, format_email(stripslashes($row['username']), $row['mail_address'])); } } 
@@ -794,7 +794,7 @@ function pwg_send_mail($result, $to, $subject, $content, $headers) $dir = $conf['local_data_dir'].'/tmp'; if ( mkgetdir( $dir, MKGETDIR_DEFAULT&~MKGETDIR_DIE_ON_ERROR) ) { - $filename = $dir.'/mail.'.$user['username'].'.'.$lang_info['code'].'.'.$args['template'].'.'.$args['theme']; + $filename = $dir.'/mail.'.stripslashes($user['username']).'.'.$lang_info['code'].'.'.$args['template'].'.'.$args['theme']; if ($args['content_format'] == 'text/plain') { $filename .= '.txt'; diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php index c1f7029d4..f8f02719f 100644 --- a/include/functions_user.inc.php +++ b/include/functions_user.inc.php @@ -170,7 +170,7 @@ SELECT id $keyargs_content = array ( - get_l10n_args('User: %s', $login), + get_l10n_args('User: %s', stripslashes($login)), get_l10n_args('Email: %s', $_POST['mail_address']), get_l10n_args('', ''), get_l10n_args('Admin: %s', $admin_url) @@ -178,7 +178,7 @@ SELECT id pwg_mail_notification_admins ( - get_l10n_args('Registration of %s', $login), + get_l10n_args('Registration of %s', stripslashes($login)), $keyargs_content ); } @@ -933,8 +933,8 @@ WHERE '.$conf['user_fields']['id'].' = '.$user_id; if (mysql_num_rows($result) > 0) { $row = mysql_fetch_assoc($result); - $username = $row['username']; - $data = $time.$row['username'].$row['password']; + $username = stripslashes($row['username']); + $data = $time.stripslashes($row['username']).$row['password']; $key = base64_encode( pack('H*', sha1($data)) .hash_hmac('md5', $data, $conf['secret_key'],true) @@ -1018,7 +1018,7 @@ function auto_login() { if ($key!==false and $key===$cookie[2]) { log_user($cookie[0], true); - trigger_action('login_success', $username); + trigger_action('login_success', stripslashes($username)); return true; } } 
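Review bot: `$filename = $dir.'/mail.'.stripslashes($user['username']).'.'...` builds a filesystem path directly from a user-chosen name, and stripslashes() only removes backslashes, so whatever characters registration allows in a username (not visible here) end up in the path as-is. Unless that set is known to exclude `/` and `..`, the file can be written outside `$dir`; a path-safe component would be the user id, or the name reduced to a safe alphabet, e.g. `preg_replace('/[^A-Za-z0-9_.-]+/', '_', stripslashes($user['username']))`. pwg_send_mail continues outside the hunk, so I cannot see how `$filename` is used afterwards.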
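Review bot: In the @@ -933 hunk `$username = stripslashes($row['username']);` already holds the unescaped name, yet the @@ -1018 hunk in auto_login() calls `trigger_action('login_success', stripslashes($username));` — if that `$username` is the by-reference result of the function containing the @@ -933 hunk (its header is outside the hunk, so this is inferred), the name is unescaped twice and a backslash the user legitimately has in the name disappears from the hook argument. The second stripslashes() should be dropped, and `$data = $time.stripslashes($row['username']).$row['password'];` can reuse `$username` instead of stripping again. Note also that changing `$data` changes the derived key, so any existing auto-login cookie for a name containing a backslash stops validating after this deploy; that is acceptable but worth a line in the commit message.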
@@ -1039,16 +1039,16 @@ function try_log_user($username, $password, $remember_me) SELECT '.$conf['user_fields']['id'].' AS id, '.$conf['user_fields']['password'].' AS password FROM '.USERS_TABLE.' - WHERE '.$conf['user_fields']['username'].' = \''.$username.'\' + WHERE '.$conf['user_fields']['username'].' = \''.mysql_real_escape_string($username).'\' ;'; $row = mysql_fetch_assoc(pwg_query($query)); if ($row['password'] == $conf['pass_convert']($password)) { log_user($row['id'], $remember_me); - trigger_action('login_success', $username); + trigger_action('login_success', stripslashes($username)); return true; } - trigger_action('login_failure', $username); + trigger_action('login_failure', stripslashes($username)); return false; } diff --git a/include/menubar.inc.php b/include/menubar.inc.php index 8156dcf22..35fdb8750 100644 --- a/include/menubar.inc.php +++ b/include/menubar.inc.php @@ -281,7 +281,7 @@ function initialize_menu() } else { - $template->assign('USERNAME', $user['username']); + $template->assign('USERNAME', stripslashes($user['username'])); if (is_autorize_status(ACCESS_CLASSIC)) { $template->assign('U_PROFILE', get_root_url().'profile.php'); diff --git a/include/picture_comment.inc.php b/include/picture_comment.inc.php index a0aed7a70..599f2229d 100644 --- a/include/picture_comment.inc.php +++ b/include/picture_comment.inc.php @@ -46,8 +46,8 @@ if ( $page['show_comments'] and isset( $_POST['content'] ) ) } $comm = array( - 'author' => trim(@$_POST['author']), - 'content' => trim($_POST['content']), + 'author' => trim( stripslashes(@$_POST['author']) ), + 'content' => trim( stripslashes($_POST['content']) ), 'image_id' => $page['image_id'], ); @@ -152,7 +152,7 @@ $validated_clause.' } else { - $author = $row['username']; + $author = stripslashes($row['username']); } $tpl_comment = diff --git a/include/ws_functions.inc.php b/include/ws_functions.inc.php index 00394c791..bfb62b913 100644 --- a/include/ws_functions.inc.php 
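Review bot: The lookup now reads `WHERE '.$conf['user_fields']['username'].' = \''.mysql_real_escape_string($username).'\'`, which is the right escaping, but the check that follows, `if ($row['password'] == $conf['pass_convert']($password))`, still compares two hash strings with `==`; PHP's loose comparison can treat numeric-looking strings as numbers, so `===` is the correct operator for comparing a stored hash with a computed one. The hunk also does not handle the no-match case explicitly: mysql_fetch_assoc() returns false when the username does not exist, and `$row['password']` is then read from a boolean; a guard `if (!$row) { trigger_action('login_failure', stripslashes($username)); return false; }` before the comparison makes that path explicit. Whether `$username` arrives already slash-escaped (the stripslashes() calls in this hunk suggest it may) also matters for the SQL literal, since mysql_real_escape_string() would then escape it a second time and the lookup would fail for names containing quotes; worth confirming against the caller.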
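Review bot: `'author' => trim( stripslashes(@$_POST['author']) ),` and the `'content'` line below it strip backslashes from raw request input unconditionally, which is only correct when magic_quotes_gpc is on; with it off, a backslash the visitor typed into the comment is silently removed before the text is stored. The strip should be conditional, `$author = get_magic_quotes_gpc() ? stripslashes(@$_POST['author']) : @$_POST['author'];` (and likewise for content), or done once centrally for the whole request rather than per field. The include/ws_functions.inc.php @@ -523 hunk applies the same unconditional stripslashes() to `$params['author']` and `$params['content']`, and I cannot tell from here whether web-service parameters are magic-quoted at all. The `@` on `$_POST['author']` hides a missing index; `isset($_POST['author']) ? $_POST['author'] : ''` says the same thing without suppressing errors.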
+++ b/include/ws_functions.inc.php @@ -523,8 +523,8 @@ SELECT DISTINCT image_id } $comm = array( - 'author' => trim($params['author']), - 'content' => trim($params['content']), + 'author' => trim( stripslashes($params['author']) ), + 'content' => trim( stripslashes($params['content']) ), 'image_id' => $params['image_id'], ); @@ -700,7 +700,7 @@ SELECT id, date, author, content ) ) { - $comment_post_data['author'] = $user['username']; + $comment_post_data['author'] = stripslashes($user['username']); $comment_post_data['key'] = get_comment_post_key($params['image_id']); } @@ -1254,7 +1254,7 @@ function ws_session_getStatus($params, &$service) { global $user; $res = array(); - $res['username'] = is_a_guest() ? 'guest' : $user['username']; + $res['username'] = is_a_guest() ? 'guest' : stripslashes($user['username']); foreach ( array('status', 'template', 'theme', 'language') as $k ) { $res[$k] = $user[$k]; diff --git a/password.php b/password.php index 05c42b07d..ffa8f4f61 100644 --- a/password.php +++ b/password.php @@ -84,7 +84,7 @@ WHERE ' $new_password = generate_key(6); $infos = - l10n('Username').': '.$row['username'] + l10n('Username').': '.stripslashes($row['username']) ."\n".l10n('Password').': '.$new_password ; diff --git a/profile.php b/profile.php index a3e789f91..214fc461d 100644 --- a/profile.php +++ b/profile.php @@ -243,7 +243,7 @@ function load_profile_in_template($url_action, $url_redirect, $userdata) $template->assign( array( - 'USERNAME'=>$userdata['username'], + 'USERNAME'=>stripslashes($userdata['username']), 'EMAIL'=>get_email_address_as_display_text(@$userdata['email']), 'NB_IMAGE_LINE'=>$userdata['nb_image_line'], 'NB_ROW_PAGE'=>$userdata['nb_line_page'], diff --git a/upload.php b/upload.php index f5ae78721..036ddc9e7 100644 --- a/upload.php +++ b/upload.php 
@@ -360,10 +360,10 @@ else $template->assign( array( 'ADVISE_TITLE' => $advise_title, - 'NAME' => $username, + 'NAME' => stripslashes($username), 'EMAIL' => $mail_address, 'NAME_IMG' => $name, - 'AUTHOR_IMG' => $author, + 'AUTHOR_IMG' => stripslashes($author), 'DATE_IMG' => $date_creation, 'COMMENT_IMG' => $comment, -- cgit v1.2.3