From 7550df3915d7e9c83c430ff3067dd73264e7866d Mon Sep 17 00:00:00 2001
From: rvelices
Date: Sat, 23 Aug 2008 01:15:33 +0000
Subject: - security fix : when conf['question_mark_in_urls']=true , $_SERVER['PATH_INFO'] was not sanitized against sql injection - mysql errors are now dumped using trigger_error instead of echo and die -> allow admins to see later on if someone tries funny stuff

git-svn-id: http://piwigo.org/svn/branches/branch-1_7@2483 68402e56-0260-453c-a942-63ccdbb3a9ee
---
 include/functions.inc.php | 33 ++++++++++++++++++++-------------
 1 file changed, 20 insertions(+), 13 deletions(-)
(limited to 'include/functions.inc.php')

diff --git a/include/functions.inc.php b/include/functions.inc.php
index 64aa7fa5a..4cacc0309 100644
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@@ -629,7 +629,7 @@ function pwg_query($query)
   global $conf,$page,$debug,$t2;
 
   $start = get_moment();
-  $result = mysql_query($query) or my_error($query."\n");
+  ($result = mysql_query($query)) or my_error($query, $conf['die_on_sql_error']);
 
   $time = get_moment() - $start;
 
@@ -924,26 +924,33 @@ function get_thumbnail_title($element_info)
 // my_error returns (or send to standard output) the message concerning the
 // error occured for the last mysql query.
-function my_error($header)
-{
-  global $conf;
-  $error = '
';
-  $error.= $header;
-  $error.= '[mysql error '.mysql_errno().'] ';
-  $error.= mysql_error();
-  $error.= '
'; +function my_error($header, $die) +{ + $error = $header; + $error.= "\n[mysql error ".mysql_errno().'] '.mysql_error()."\n"; - if ($conf['die_on_sql_error']) + if (function_exists('debug_backtrace')) { - die($error); + $bt = debug_backtrace(); + for ($i=0; $i"); + trigger_error($error, $die ? E_USER_ERROR : E_USER_WARNING); + !$die || die($error); // just in case the handler didnt die + echo(""); } + /** * creates an array based on a query, this function is a very common pattern * used here -- cgit v1.2.3
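Review bot: `!$die || die($error)` on the new side, and the E_USER_ERROR/E_USER_WARNING raised just before it whenever display_errors is on, write the failing SQL text (`$header` is the raw `$query` handed over by pwg_query in the first hunk), mysql_error() and a debug_backtrace() dump straight into the HTTP response, so the detail the commit wants admins to "see later on" is also handed to the requester, and the query text — which the commit subject says can carry unsanitised request data — goes out unescaped between two echo() calls that appear to emit raw HTML markup (the literals were lost in this rendering). Keep the full record server-side and give the client only a generic message: `error_log($error);` followed by `trigger_error('[mysql error '.mysql_errno().']', $die ? E_USER_ERROR : E_USER_WARNING);` and `!$die || die('mysql error');`. If the verbose page output is still wanted for logged-in administrators, gate it on that check and pass the text through htmlspecialchars() first. The my_error definition is complete within this hunk, but the body of the for-loop over `$bt` is truncated in this rendering, so what the backtrace lines contain could not be checked here.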