From 7bdb132ffc9b143b177725c479090a7563ed3218 Mon Sep 17 00:00:00 2001
From: plegall <plg@piwigo.org>
Date: Sun, 25 Dec 2005 22:34:44 +0000
Subject: bug 246 fixed : GET parameter "search" is not completely checked
 before usage in SQL queries. Simple check : if a ";" if found, execution
 stops.

git-svn-id: http://piwigo.org/svn/branches/branch-1_5@988 68402e56-0260-453c-a942-63ccdbb3a9ee
---
 include/functions_category.inc.php | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'include')

diff --git a/include/functions_category.inc.php b/include/functions_category.inc.php
index 0dfb2a7a3..ad118a905 100644
--- a/include/functions_category.inc.php
+++ b/include/functions_category.inc.php
@@ -381,6 +381,12 @@ function initialize_category( $calling_page = 'category' )
       // search result
       if ( $page['cat'] == 'search' )
       {
+        // SQL injection hacking attempt?
+        if (strpos($_GET['search'], ';') !== false)
+        {
+          die('Hacking attempt on "search" GET parameter');
+        }
+        
         // analyze search string given in URL (created in search.php)
         $tokens = explode('|', $_GET['search']);
 
-- 
cgit v1.2.3