aboutsummaryrefslogtreecommitdiffstats
path: root/search.php
diff options
context:
space:
mode:
authorplegall <plg@piwigo.org>2010-01-26 09:13:37 +0000
committerplegall <plg@piwigo.org>2010-01-26 09:13:37 +0000
commit34338c55816278ede4e20b586f2f4ff6af7b0e57 (patch)
tree70a4271abe96c427e75fa3e0f57fc80cfafb88d7 /search.php
parent08bc35855c102c43eff80e71a0fac605a9754466 (diff)
bug 1401 fixed: let's use the mysql_real_escape_string on POST fields (even if
I was not able to reproduce any attack because fields are heavily processed before any SQL query). git-svn-id: http://piwigo.org/svn/branches/2.0@4752 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r--search.php12
1 files changed, 12 insertions, 0 deletions
diff --git a/search.php b/search.php
index 9d967ea49..0a9712743 100644
--- a/search.php
+++ b/search.php
@@ -35,6 +35,14 @@ $errors = array();
$search = array();
if (isset($_POST['submit']))
{
+ foreach ($_POST as $post_key => $post_value)
+ {
+ if (!is_array($post_value))
+ {
+ $_POST[$post_key] = mysql_real_escape_string($post_value);
+ }
+ }
+
if (isset($_POST['search_allwords'])
and !preg_match('/^\s*$/', $_POST['search_allwords']))
{
@@ -63,6 +71,8 @@ if (isset($_POST['submit']))
if (isset($_POST['tags']))
{
+ check_input_parameter('tags', $_POST['tags'], true, PATTERN_ID);
+
$search['fields']['tags'] = array(
'words' => $_POST['tags'],
'mode' => $_POST['tag_mode'],
@@ -82,6 +92,8 @@ if (isset($_POST['submit']))
if (isset($_POST['cat']))
{
+ check_input_parameter('cat', $_POST['cat'], true, PATTERN_ID);
+
$search['fields']['cat'] = array(
'words' => $_POST['cat'],
'sub_inc' => ($_POST['subcats-included'] == 1) ? true : false,