From 7bdb132ffc9b143b177725c479090a7563ed3218 Mon Sep 17 00:00:00 2001 From: plegall Date: Sun, 25 Dec 2005 22:34:44 +0000 Subject: bug 246 fixed : GET parameter "search" is not completely checked before usage in SQL queries. Simple check : if a ";" if found, execution stops. git-svn-id: http://piwigo.org/svn/branches/branch-1_5@988 68402e56-0260-453c-a942-63ccdbb3a9ee --- include/functions_category.inc.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/include/functions_category.inc.php b/include/functions_category.inc.php index 0dfb2a7a3..ad118a905 100644 --- a/include/functions_category.inc.php +++ b/include/functions_category.inc.php @@ -381,6 +381,12 @@ function initialize_category( $calling_page = 'category' ) // search result if ( $page['cat'] == 'search' ) { + // SQL injection hacking attempt? + if (strpos($_GET['search'], ';') !== false) + { + die('Hacking attempt on "search" GET parameter'); + } + // analyze search string given in URL (created in search.php) $tokens = explode('|', $_GET['search']); -- cgit v1.2.3