diff options
| author | plegall <plg@piwigo.org> | 2010-01-26 09:20:10 +0000 |
|---|---|---|
| committer | plegall <plg@piwigo.org> | 2010-01-26 09:20:10 +0000 |
| commit | f107f5bf1a6bd07303a720b630fe651b7cb56d8c (patch) | |
| tree | efd8f93f27fad8099e6df013a246d09b3af7444e | |
| parent | 09019e8bc1b213fd9d2d453581579ce53a788924 (diff) | |
merge r4752 from branch 2.0 to trunk
bug 1401 fixed: let's use the mysql_real_escape_string on POST fields (even if
I was not able to reproduce any attack because fields are heavily processed
before any SQL query).
git-svn-id: http://piwigo.org/svn/trunk@4753 68402e56-0260-453c-a942-63ccdbb3a9ee
| -rw-r--r-- | search.php | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/search.php b/search.php index fdcbab701..6f9ae5af3 100644 --- a/search.php +++ b/search.php @@ -35,6 +35,14 @@ $errors = array(); $search = array(); if (isset($_POST['submit'])) { + foreach ($_POST as $post_key => $post_value) + { + if (!is_array($post_value)) + { + $_POST[$post_key] = mysql_real_escape_string($post_value); + } + } + if (isset($_POST['search_allwords']) and !preg_match('/^\s*$/', $_POST['search_allwords'])) { @@ -63,6 +71,8 @@ if (isset($_POST['submit'])) if (isset($_POST['tags'])) { + check_input_parameter('tags', $_POST['tags'], true, PATTERN_ID); + $search['fields']['tags'] = array( 'words' => $_POST['tags'], 'mode' => $_POST['tag_mode'], @@ -82,6 +92,8 @@ if (isset($_POST['submit'])) if (isset($_POST['cat'])) { + check_input_parameter('cat', $_POST['cat'], true, PATTERN_ID); + $search['fields']['cat'] = array( 'words' => $_POST['cat'], 'sub_inc' => ($_POST['subcats-included'] == 1) ? true : false, |