aboutsummaryrefslogtreecommitdiffstats
path: root/search.php
diff options
context:
space:
mode:
authorplegall <plg@piwigo.org>2015-01-08 13:06:27 +0000
committerplegall <plg@piwigo.org>2015-01-08 13:06:27 +0000
commit639edaa04b6082ea6e46644022ed9898292cf43b (patch)
treecd866154da16da4f5d4083dc5c8c9519ced222d7 /search.php
parent503f13db47a3cf917b7098a9ad3d35ae9ed81a84 (diff)
bug 3186: improved security on search.php
git-svn-id: http://piwigo.org/svn/trunk@30864 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'search.php')
-rw-r--r--search.php9
1 files changed, 5 insertions, 4 deletions
diff --git a/search.php b/search.php
index 697454ce0..e4528ea42 100644
--- a/search.php
+++ b/search.php
@@ -48,9 +48,8 @@ if (isset($_POST['submit']))
and !preg_match('/^\s*$/', $_POST['search_allwords']))
{
check_input_parameter('mode', $_POST, false, '/^(OR|AND)$/');
+ check_input_parameter('fields', $_POST, true, '/^(name|comment|file)$/');
- $fields = array_intersect($_POST['fields'], array('name', 'comment', 'file'));
-
$drop_char_match = array(
'-','^','$',';','#','&','(',')','<','>','`','\'','"','|',',','@','_',
'?','%','~','.','[',']','{','}',':','\\','/','=','\'','!','*');
@@ -71,7 +70,7 @@ if (isset($_POST['submit']))
)
),
'mode' => $_POST['mode'],
- 'fields' => $fields,
+ 'fields' => $_POST['fields'],
);
}
@@ -112,6 +111,8 @@ if (isset($_POST['submit']))
}
// dates
+ check_input_parameter('date_type', $_POST, false, '/^date_(creation|available)$/');
+
$type_date = $_POST['date_type'];
if (!empty($_POST['start_year']))
@@ -151,7 +152,7 @@ if (isset($_POST['submit']))
INSERT INTO '.SEARCH_TABLE.'
(rules, last_seen)
VALUES
- (\''.serialize($search).'\', NOW())
+ (\''.pwg_db_real_escape_string(serialize($search)).'\', NOW())
;';
pwg_query($query);