Hecht
/
agng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Hotfix for sql injection vulnerability.

Browse Source
main
hecht 9 years ago
parent 4d4d055fac
commit 7cd3b35caf
5 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File

4
ag/clan/add.php
Unescape View File

@ -14,8 +14,8 @@ include_once (ROOT_PATH . '/include/clan.inc.php');
// GET-Section
// Kritisch (SQL-Injections)
$clanid = validateUnsignedInteger($_GET['clanid'], null);
$poll1 = validateString($_GET['poll1']);
$poll2 = validateString('ASC');
$poll1 = validateStringCritical($_GET['poll1']);
$poll2 = validateStringCritical($_GET['poll2']);
$pagenum = validateUnsignedInteger($_GET['pagenum'], null);
// Unkritisch

5
ag/include/parse.inc.php
Unescape View File

@ -302,6 +302,11 @@ function validateStringArray($value){
return $value;
}
function validateStringCritical($value) {
$value = validateString($value);
return preg_replace('#[()\]\[\s]#', '', $value);
}
function validateEmailAddress($mail){
return validateString($mail);
}

4
ag/info/attacken.php
Unescape View File

@ -395,8 +395,8 @@ $fruchttyp= validateString($_GET['fruchttyp']);
$rassen = validateUnsignedInteger($_GET['rassen']);
$tf = validateUnsignedInteger($_GET['tf']);
$search = validateString($_GET['search']);
$order = validateString($_GET['order']);
$order_art = validateString($_GET['order_art']);
$order = validateStringCritical($_GET['order']);
$order_art = validateStringCritical($_GET['order_art']);
$pagenum = validateUnsignedInteger($_GET['pagenum']);
$seiten = validateUnsignedInteger($_GET['seiten']);
$last_klick1 = validateString($_GET['last_klick1']);

2
ag/markt.php
Unescape View File

@ -40,7 +40,7 @@ $item_9 = validateUnsignedInteger($_GET['item_9'], null);
$item_10 = validateUnsignedInteger($_GET['item_10'], null);
$pagenum = validateUnsignedInteger($_GET['pagenum'], null);
$oder = validateString($_GET['oder']);
$ords = validateString($_GET['ords']);
$ords = validateStringCritical($_GET['ords']);
$charm = validateString($_GET['charm']);
// Unkritisch

2
ag/ranglist.php
Unescape View File

@ -15,7 +15,7 @@ include_once(ROOT_PATH.'/include/char.inc.php');
// GET-Section
// Kritisch (SQL-Injections)
$wahl = validateString($_GET['wahl']);
$wahl = validateStringCritical($_GET['wahl']);
$char_name = validateName($_GET['char_name']);
$char_vorhanden = mysql_num_rows(mysql_query('SELECT id FROM chars WHERE name like \''.$char_name.'%\' LIMIT 1'));

Write Preview
Loading…
Cancel
Save