mirror of
https://gitlab.archlinux.org/archlinux/aurweb.git
synced 2025-02-03 10:43:03 +01:00
- Applied a patch from Loui to fix session removal.
- Replaced all occurences of mysql_escape_string() with mysql_real_escape_string().
This commit is contained in:
swiergot
parent
9ab02ad6a7
commit
0b92839bee
8 changed files with 71 additions and 71 deletions
|
|
@ -206,7 +206,7 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
|
|||
# NOTE: a race condition exists here if we care...
|
||||
#
|
||||
$q = "SELECT COUNT(*) AS CNT FROM Users ";
|
||||
$q.= "WHERE Username = '".mysql_escape_string($U)."'";
|
||||
$q.= "WHERE Username = '".mysql_real_escape_string($U)."'";
|
||||
if ($TYPE == "edit") {
|
||||
$q.= " AND ID != ".intval($UID);
|
||||
}
|
||||
|
|
@ -224,7 +224,7 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
|
|||
# NOTE: a race condition exists here if we care...
|
||||
#
|
||||
$q = "SELECT COUNT(*) AS CNT FROM Users ";
|
||||
$q.= "WHERE Email = '".mysql_escape_string($E)."'";
|
||||
$q.= "WHERE Email = '".mysql_real_escape_string($E)."'";
|
||||
if ($TYPE == "edit") {
|
||||
$q.= " AND ID != ".intval($UID);
|
||||
}
|
||||
|
|
@ -250,12 +250,12 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
|
|||
$P = md5($P);
|
||||
$q = "INSERT INTO Users (AccountTypeID, Suspended, Username, Email, ";
|
||||
$q.= "Passwd, RealName, LangPreference, IRCNick, NewPkgNotify) ";
|
||||
$q.= "VALUES (1, 0, '".mysql_escape_string($U)."'";
|
||||
$q.= ", '".mysql_escape_string($E)."'";
|
||||
$q.= ", '".mysql_escape_string($P)."'";
|
||||
$q.= ", '".mysql_escape_string($R)."'";
|
||||
$q.= ", '".mysql_escape_string($L)."'";
|
||||
$q.= ", '".mysql_escape_string($I)."'";
|
||||
$q.= "VALUES (1, 0, '".mysql_real_escape_string($U)."'";
|
||||
$q.= ", '".mysql_real_escape_string($E)."'";
|
||||
$q.= ", '".mysql_real_escape_string($P)."'";
|
||||
$q.= ", '".mysql_real_escape_string($R)."'";
|
||||
$q.= ", '".mysql_real_escape_string($L)."'";
|
||||
$q.= ", '".mysql_real_escape_string($I)."'";
|
||||
if ($N) {
|
||||
$q.= ", 1)";
|
||||
} else {
|
||||
|
|
@ -281,7 +281,7 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
|
|||
|
||||
#md5 hash the password
|
||||
$q = "UPDATE Users SET ";
|
||||
$q.= "Username = '".mysql_escape_string($U)."'";
|
||||
$q.= "Username = '".mysql_real_escape_string($U)."'";
|
||||
if ($T) {
|
||||
$q.= ", AccountTypeID = ".intval($T);
|
||||
}
|
||||
|
|
@ -290,13 +290,13 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
|
|||
} else {
|
||||
$q.= ", Suspended = 0";
|
||||
}
|
||||
$q.= ", Email = '".mysql_escape_string($E)."'";
|
||||
$q.= ", Email = '".mysql_real_escape_string($E)."'";
|
||||
if ($P) {
|
||||
$q.= ", Passwd = '".mysql_escape_string(md5($P))."'";
|
||||
$q.= ", Passwd = '".mysql_real_escape_string(md5($P))."'";
|
||||
}
|
||||
$q.= ", RealName = '".mysql_escape_string($R)."'";
|
||||
$q.= ", LangPreference = '".mysql_escape_string($L)."'";
|
||||
$q.= ", IRCNick = '".mysql_escape_string($I)."'";
|
||||
$q.= ", RealName = '".mysql_real_escape_string($R)."'";
|
||||
$q.= ", LangPreference = '".mysql_real_escape_string($L)."'";
|
||||
$q.= ", IRCNick = '".mysql_real_escape_string($I)."'";
|
||||
$q.= ", NewPkgNotify = ";
|
||||
if ($N) {
|
||||
$q.= "1 ";
|
||||
|
|
@ -435,19 +435,19 @@ function search_results_page($UTYPE,$O=0,$SB="",$U="",$T="",
|
|||
$search_vars[] = "S";
|
||||
}
|
||||
if ($U) {
|
||||
$q.= "AND Username LIKE '%".mysql_escape_string($U)."%' ";
|
||||
$q.= "AND Username LIKE '%".mysql_real_escape_string($U)."%' ";
|
||||
$search_vars[] = "U";
|
||||
}
|
||||
if ($E) {
|
||||
$q.= "AND Email LIKE '%".mysql_escape_string($E)."%' ";
|
||||
$q.= "AND Email LIKE '%".mysql_real_escape_string($E)."%' ";
|
||||
$search_vars[] = "E";
|
||||
}
|
||||
if ($R) {
|
||||
$q.= "AND RealName LIKE '%".mysql_escape_string($R)."%' ";
|
||||
$q.= "AND RealName LIKE '%".mysql_real_escape_string($R)."%' ";
|
||||
$search_vars[] = "R";
|
||||
}
|
||||
if ($I) {
|
||||
$q.= "AND IRCNick LIKE '%".mysql_escape_string($I)."%' ";
|
||||
$q.= "AND IRCNick LIKE '%".mysql_real_escape_string($I)."%' ";
|
||||
$search_vars[] = "I";
|
||||
}
|
||||
switch ($SB) {
|
||||
|
|
|
|||
|
|
@ -93,7 +93,7 @@ function check_sid() {
|
|||
#
|
||||
$dbh = db_connect();
|
||||
$q = "SELECT LastUpdateTS, UNIX_TIMESTAMP() FROM Sessions ";
|
||||
$q.= "WHERE SessionID = '" . mysql_escape_string($_COOKIE["AURSID"]) . "'";
|
||||
$q.= "WHERE SessionID = '" . mysql_real_escape_string($_COOKIE["AURSID"]) . "'";
|
||||
$result = db_query($q, $dbh);
|
||||
if (!$result) {
|
||||
# Invalid SessionID - hacker alert!
|
||||
|
|
@ -118,7 +118,7 @@ function check_sid() {
|
|||
# the main page where they can log in again.
|
||||
#
|
||||
$q = "DELETE FROM Sessions WHERE SessionID = '";
|
||||
$q.= mysql_escape_string($_COOKIE["AURSID"]) . "'";
|
||||
$q.= mysql_real_escape_string($_COOKIE["AURSID"]) . "'";
|
||||
db_query($q, $dbh);
|
||||
|
||||
setcookie("AURSID", "", time() - (60*60*24*30), "/");
|
||||
|
|
@ -129,7 +129,7 @@ function check_sid() {
|
|||
# and update the idle timestamp
|
||||
#
|
||||
$q = "UPDATE Sessions SET LastUpdateTS = UNIX_TIMESTAMP() ";
|
||||
$q.= "WHERE SessionID = '".mysql_escape_string($_COOKIE["AURSID"])."'";
|
||||
$q.= "WHERE SessionID = '".mysql_real_escape_string($_COOKIE["AURSID"])."'";
|
||||
db_query($q, $dbh);
|
||||
}
|
||||
}
|
||||
|
|
@ -172,7 +172,7 @@ function username_from_id($id="") {
|
|||
return "";
|
||||
}
|
||||
$dbh = db_connect();
|
||||
$q = "SELECT Username FROM Users WHERE ID = " . mysql_escape_string($id);
|
||||
$q = "SELECT Username FROM Users WHERE ID = " . mysql_real_escape_string($id);
|
||||
$result = db_query($q, $dbh);
|
||||
if (!$result) {
|
||||
return "None";
|
||||
|
|
@ -193,7 +193,7 @@ function username_from_sid($sid="") {
|
|||
$q = "SELECT Username ";
|
||||
$q.= "FROM Users, Sessions ";
|
||||
$q.= "WHERE Users.ID = Sessions.UsersID ";
|
||||
$q.= "AND Sessions.SessionID = '" . mysql_escape_string($sid) . "'";
|
||||
$q.= "AND Sessions.SessionID = '" . mysql_real_escape_string($sid) . "'";
|
||||
$result = db_query($q, $dbh);
|
||||
if (!$result) {
|
||||
return "";
|
||||
|
|
@ -213,7 +213,7 @@ function email_from_sid($sid="") {
|
|||
$q = "SELECT Email ";
|
||||
$q.= "FROM Users, Sessions ";
|
||||
$q.= "WHERE Users.ID = Sessions.UsersID ";
|
||||
$q.= "AND Sessions.SessionID = '" . mysql_escape_string($sid) . "'";
|
||||
$q.= "AND Sessions.SessionID = '" . mysql_real_escape_string($sid) . "'";
|
||||
$result = db_query($q, $dbh);
|
||||
if (!$result) {
|
||||
return "";
|
||||
|
|
@ -235,7 +235,7 @@ function account_from_sid($sid="") {
|
|||
$q.= "FROM Users, AccountTypes, Sessions ";
|
||||
$q.= "WHERE Users.ID = Sessions.UsersID ";
|
||||
$q.= "AND AccountTypes.ID = Users.AccountTypeID ";
|
||||
$q.= "AND Sessions.SessionID = '" . mysql_escape_string($sid) . "'";
|
||||
$q.= "AND Sessions.SessionID = '" . mysql_real_escape_string($sid) . "'";
|
||||
$result = db_query($q, $dbh);
|
||||
if (!$result) {
|
||||
return "";
|
||||
|
|
@ -255,7 +255,7 @@ function uid_from_sid($sid="") {
|
|||
$q = "SELECT Users.ID ";
|
||||
$q.= "FROM Users, Sessions ";
|
||||
$q.= "WHERE Users.ID = Sessions.UsersID ";
|
||||
$q.= "AND Sessions.SessionID = '" . mysql_escape_string($sid) . "'";
|
||||
$q.= "AND Sessions.SessionID = '" . mysql_real_escape_string($sid) . "'";
|
||||
$result = db_query($q, $dbh);
|
||||
if (!$result) {
|
||||
return 0;
|
||||
|
|
@ -329,7 +329,7 @@ function set_lang() {
|
|||
$q = "SELECT LangPreference FROM Users, Sessions ";
|
||||
$q.= "WHERE Users.ID = Sessions.UsersID ";
|
||||
$q.= "AND Sessions.SessionID = '";
|
||||
$q.= mysql_escape_string($_COOKIE["AURSID"])."'";
|
||||
$q.= mysql_real_escape_string($_COOKIE["AURSID"])."'";
|
||||
$result = db_query($q, $dbh);
|
||||
if (!$result) {
|
||||
$LANG = "en";
|
||||
|
|
@ -491,7 +491,7 @@ function can_overwrite_pkg($name="", $sid="") {
|
|||
if (!$name || !$sid) {return 0;}
|
||||
$dbh = db_connect();
|
||||
$q = "SELECT SubmitterUID, MaintainerUID, AURMaintainerUID ";
|
||||
$q.= "FROM Packages WHERE Name = '".mysql_escape_string($name)."'";
|
||||
$q.= "FROM Packages WHERE Name = '".mysql_real_escape_string($name)."'";
|
||||
$result = db_query($q, $dbh);
|
||||
if (!$result) {return 0;}
|
||||
$row = mysql_fetch_row($result);
|
||||
|
|
@ -561,7 +561,7 @@ function uid_from_username($username="")
|
|||
return "";
|
||||
}
|
||||
$dbh = db_connect();
|
||||
$q = "SELECT ID FROM Users WHERE Username = '".mysql_escape_string($username)
|
||||
$q = "SELECT ID FROM Users WHERE Username = '".mysql_real_escape_string($username)
|
||||
."'";
|
||||
$result = db_query($q, $dbh);
|
||||
if (!$result) {
|
||||
|
|
|
|||
|
|
@ -125,7 +125,7 @@ function package_exists($name="") {
|
|||
if (!$name) {return NULL;}
|
||||
$dbh = db_connect();
|
||||
$q = "SELECT ID FROM Packages ";
|
||||
$q.= "WHERE Name = '".mysql_escape_string($name)."' ";
|
||||
$q.= "WHERE Name = '".mysql_real_escape_string($name)."' ";
|
||||
$q.= "AND DummyPkg = 0";
|
||||
$result = db_query($q, $dbh);
|
||||
if (!$result) {return NULL;}
|
||||
|
|
@ -141,7 +141,7 @@ function package_dependencies($pkgid=0) {
|
|||
$dbh = db_connect();
|
||||
$q = "SELECT DepPkgID, Name, DummyPkg, DepCondition FROM PackageDepends, Packages ";
|
||||
$q.= "WHERE PackageDepends.DepPkgID = Packages.ID ";
|
||||
$q.= "AND PackageDepends.PackageID = ".mysql_escape_string($pkgid);
|
||||
$q.= "AND PackageDepends.PackageID = ".mysql_real_escape_string($pkgid);
|
||||
$q.= " ORDER BY Name";
|
||||
$result = db_query($q, $dbh);
|
||||
if (!$result) {return array();}
|
||||
|
|
@ -161,14 +161,14 @@ function create_dummy($pname="", $sid="") {
|
|||
if (!$uid) {return NULL;}
|
||||
$dbh = db_connect();
|
||||
$q = "SELECT ID FROM Packages WHERE Name = '";
|
||||
$q.= mysql_escape_string($pname)."'";
|
||||
$q.= mysql_real_escape_string($pname)."'";
|
||||
$result = db_query($q, $dbh);
|
||||
if (!mysql_num_rows($result)) {
|
||||
# Insert the dummy
|
||||
#
|
||||
$q = "INSERT INTO Packages (Name, Description, URL, SubmittedTS, ";
|
||||
$q.= "SubmitterUID, DummyPkg) VALUES ('";
|
||||
$q.= mysql_escape_string($pname)."', 'A dummy package', '/#', ";
|
||||
$q.= mysql_real_escape_string($pname)."', 'A dummy package', '/#', ";
|
||||
$q.= "UNIX_TIMESTAMP(), ".$uid.", 1)";
|
||||
$result = db_query($q, $dbh);
|
||||
if (!$result) {
|
||||
|
|
@ -193,7 +193,7 @@ function package_comments($pkgid=0) {
|
|||
$q = "SELECT PackageComments.ID, UserName, UsersID, Comments, CommentTS ";
|
||||
$q.= "FROM PackageComments, Users ";
|
||||
$q.= "WHERE PackageComments.UsersID = Users.ID";
|
||||
$q.= " AND PackageID = ".mysql_escape_string($pkgid);
|
||||
$q.= " AND PackageID = ".mysql_real_escape_string($pkgid);
|
||||
$q.= " AND DelUsersID = 0"; # only display non-deleted comments
|
||||
$q.= " ORDER BY CommentTS DESC";
|
||||
$result = db_query($q, $dbh);
|
||||
|
|
@ -212,7 +212,7 @@ function package_sources($pkgid=0) {
|
|||
if ($pkgid) {
|
||||
$dbh = db_connect();
|
||||
$q = "SELECT Source FROM PackageSources ";
|
||||
$q.= "WHERE PackageID = ".mysql_escape_string($pkgid);
|
||||
$q.= "WHERE PackageID = ".mysql_real_escape_string($pkgid);
|
||||
$q.= " ORDER BY Source";
|
||||
$result = db_query($q, $dbh);
|
||||
if (!$result) {return array();}
|
||||
|
|
@ -234,7 +234,7 @@ function pkgvotes_from_sid($sid="") {
|
|||
$q.= "FROM PackageVotes, Users, Sessions ";
|
||||
$q.= "WHERE Users.ID = Sessions.UsersID ";
|
||||
$q.= "AND Users.ID = PackageVotes.UsersID ";
|
||||
$q.= "AND Sessions.SessionID = '".mysql_escape_string($sid)."'";
|
||||
$q.= "AND Sessions.SessionID = '".mysql_real_escape_string($sid)."'";
|
||||
$result = db_query($q, $dbh);
|
||||
if ($result) {
|
||||
while ($row = mysql_fetch_row($result)) {
|
||||
|
|
@ -901,10 +901,10 @@ function pkg_search_page($SID="") {
|
|||
#search by maintainer
|
||||
if ($_REQUEST["SeB"] == "m"){
|
||||
if (!$has_where) {
|
||||
$q.= "WHERE Username = '".mysql_escape_string($K)."' ";
|
||||
$q.= "WHERE Username = '".mysql_real_escape_string($K)."' ";
|
||||
$has_where = 1;
|
||||
} else {
|
||||
$q.= "AND Username = '".mysql_escape_string($K)."' ";
|
||||
$q.= "AND Username = '".mysql_real_escape_string($K)."' ";
|
||||
}
|
||||
} elseif ($_REQUEST["SeB"] == "s") {
|
||||
if (!$has_where) {
|
||||
|
|
@ -916,12 +916,12 @@ function pkg_search_page($SID="") {
|
|||
# the default behaivior, query the name/description
|
||||
} else {
|
||||
if (!$has_where) {
|
||||
$q.= "WHERE (Name LIKE '%".mysql_escape_string($K)."%' OR ";
|
||||
$q.= "Description LIKE '%".mysql_escape_string($K)."%') ";
|
||||
$q.= "WHERE (Name LIKE '%".mysql_real_escape_string($K)."%' OR ";
|
||||
$q.= "Description LIKE '%".mysql_real_escape_string($K)."%') ";
|
||||
$has_where = 1;
|
||||
} else {
|
||||
$q.= "AND (Name LIKE '%".mysql_escape_string($K)."%' OR ";
|
||||
$q.= "Description LIKE '%".mysql_escape_string($K)."%') ";
|
||||
$q.= "AND (Name LIKE '%".mysql_real_escape_string($K)."%' OR ";
|
||||
$q.= "Description LIKE '%".mysql_real_escape_string($K)."%') ";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue