aboutsummaryrefslogtreecommitdiffstats
path: root/include/functions_category.inc.php
diff options
context:
space:
mode:
authorplegall <plg@piwigo.org>2005-12-25 22:34:44 +0000
committerplegall <plg@piwigo.org>2005-12-25 22:34:44 +0000
commit7bdb132ffc9b143b177725c479090a7563ed3218 (patch)
tree7810e5c95c721568cdbfea7418230381a7176a69 /include/functions_category.inc.php
parent2268adf642f149a08c6123aef7effcfd05f58bc4 (diff)
bug 246 fixed : GET parameter "search" is not completely checked before
usage in SQL queries. Simple check : if a ";" if found, execution stops. git-svn-id: http://piwigo.org/svn/branches/branch-1_5@988 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'include/functions_category.inc.php')
-rw-r--r--include/functions_category.inc.php6
1 files changed, 6 insertions, 0 deletions
diff --git a/include/functions_category.inc.php b/include/functions_category.inc.php
index 0dfb2a7a3..ad118a905 100644
--- a/include/functions_category.inc.php
+++ b/include/functions_category.inc.php
@@ -381,6 +381,12 @@ function initialize_category( $calling_page = 'category' )
// search result
if ( $page['cat'] == 'search' )
{
+ // SQL injection hacking attempt?
+ if (strpos($_GET['search'], ';') !== false)
+ {
+ die('Hacking attempt on "search" GET parameter');
+ }
+
// analyze search string given in URL (created in search.php)
$tokens = explode('|', $_GET['search']);