| author | Kelly Rauchenberger <fefferburbia@gmail.com> | 2008-08-03 20:12:23 +0000 | 
|---|---|---|
| committer | Kelly Rauchenberger <fefferburbia@gmail.com> | 2008-08-03 20:12:23 +0000 | 
| commit | 2af16b67c9ac6af734d6c40b9e43eacf23207f69 (patch) | |
| tree | f97db8ff5281077e82a25af4776efe9308d2c646 | |
| parent | f2753472d759af4a08320290e454e7bcbe9a9bf3 (diff) | |
| download | instadisc-2af16b67c9ac6af734d6c40b9e43eacf23207f69.tar.gz instadisc-2af16b67c9ac6af734d6c40b9e43eacf23207f69.tar.bz2 instadisc-2af16b67c9ac6af734d6c40b9e43eacf23207f69.zip | |
Central: Updated MySQL escape wrappers
Previously ([37]), MySQL query strings were changed to use the MySQL escape function mysql_escape_string(). This commit switches them to mysql_real_escape_string() for additional protection.
| -rw-r--r-- | central/trunk/instadisc.php | 60 | ||||
| -rw-r--r-- | central/trunk/xmlrpc.php | 26 | 
2 files changed, 43 insertions, 43 deletions
| diff --git a/central/trunk/instadisc.php b/central/trunk/instadisc.php index de0a90e..0edbd82 100644 --- a/central/trunk/instadisc.php +++ b/central/trunk/instadisc.php | |||
| @@ -7,12 +7,12 @@ include_once('class.phpmailer.php'); | |||
| 7 | 7 | ||
| 8 | function instaDisc_checkVerification($username, $verification, $verificationID, $table, $nameField, $passField) | 8 | function instaDisc_checkVerification($username, $verification, $verificationID, $table, $nameField, $passField) | 
| 9 | { | 9 | { | 
| 10 | $getverid = "SELECT * FROM oldVerID WHERE name = \"" . mysql_escape_string($username) . "\" AND verID = " . $verificationID; | 10 | $getverid = "SELECT * FROM oldVerID WHERE name = \"" . mysql_real_escape_string($username) . "\" AND verID = " . $verificationID; | 
| 11 | $getverid2 = mysql_query($getverid); | 11 | $getverid2 = mysql_query($getverid); | 
| 12 | $getverid3 = mysql_fetch_array($getverid2); | 12 | $getverid3 = mysql_fetch_array($getverid2); | 
| 13 | if ($getverid3['id'] != $verificationID) | 13 | if ($getverid3['id'] != $verificationID) | 
| 14 | { | 14 | { | 
| 15 | $getitem = "SELECT * FROM " . $table . " WHERE " . $nameField . " = \"" . mysql_escape_string($username) . "\""; | 15 | $getitem = "SELECT * FROM " . $table . " WHERE " . $nameField . " = \"" . mysql_real_escape_string($username) . "\""; | 
| 16 | $getitem2 = mysql_query($getitem); | 16 | $getitem2 = mysql_query($getitem); | 
| 17 | $getitem3 = mysql_fetch_array($getitem2); | 17 | $getitem3 = mysql_fetch_array($getitem2); | 
| 18 | if ($getitem3[$nameField] == $username) | 18 | if ($getitem3[$nameField] == $username) | 
| @@ -21,16 +21,16 @@ function instaDisc_checkVerification($username, $verification, $verificationID, | |||
| 21 | 21 | ||
| 22 | if (md5($test) == $verification) | 22 | if (md5($test) == $verification) | 
| 23 | { | 23 | { | 
| 24 | $cntverid = "SELECT COUNT(*) FROM oldVerID WHERE username = \"" . mysql_escape_string($username) . "\""; | 24 | $cntverid = "SELECT COUNT(*) FROM oldVerID WHERE username = \"" . mysql_real_escape_string($username) . "\""; | 
| 25 | $cntverid2 = mysql_query($cntverid); | 25 | $cntverid2 = mysql_query($cntverid); | 
| 26 | $cntverid3 = mysql_fetch_array($cntverid2); | 26 | $cntverid3 = mysql_fetch_array($cntverid2); | 
| 27 | if ($cntverid3[0] >= intval(instaDisc_getConfig('verIDBufferSize'))) | 27 | if ($cntverid3[0] >= intval(instaDisc_getConfig('verIDBufferSize'))) | 
| 28 | { | 28 | { | 
| 29 | $delverid = "DELETE FROM oldVerID WHERE username = \"" . mysql_escape_string($username) . "\""; | 29 | $delverid = "DELETE FROM oldVerID WHERE username = \"" . mysql_real_escape_string($username) . "\""; | 
| 30 | $delverid2 = mysql_query($delverid); | 30 | $delverid2 = mysql_query($delverid); | 
| 31 | } | 31 | } | 
| 32 | 32 | ||
| 33 | $insverid = "INSERT INTO oldVerID (name, verID) VALUES (\"" . mysql_escape_string($username) . "\", " . $verificationID . ")"; | 33 | $insverid = "INSERT INTO oldVerID (name, verID) VALUES (\"" . mysql_real_escape_string($username) . "\", " . $verificationID . ")"; | 
| 34 | $insverid2 = mysql_query($insverid); | 34 | $insverid2 = mysql_query($insverid); | 
| 35 | 35 | ||
| 36 | return true; | 36 | return true; | 
| @@ -43,12 +43,12 @@ function instaDisc_checkVerification($username, $verification, $verificationID, | |||
| 43 | 43 | ||
| 44 | function instaDisc_sendItem($username, $id) | 44 | function instaDisc_sendItem($username, $id) | 
| 45 | { | 45 | { | 
| 46 | $getitem = "SELECT * FROM inbox WHERE username = \"" . mysql_escape_string($username) . "\" AND itemID = " . $id; | 46 | $getitem = "SELECT * FROM inbox WHERE username = \"" . mysql_real_escape_string($username) . "\" AND itemID = " . $id; | 
| 47 | $getitem2 = mysql_query($getitem); | 47 | $getitem2 = mysql_query($getitem); | 
| 48 | $getitem3 = mysql_fetch_array($getitem2); | 48 | $getitem3 = mysql_fetch_array($getitem2); | 
| 49 | if ($getitem3['username'] == $username) | 49 | if ($getitem3['username'] == $username) | 
| 50 | { | 50 | { | 
| 51 | $getuser = "SELECT * FROM users WHERE username = \"" . mysql_escape_string($username) . "\""; | 51 | $getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($username) . "\""; | 
| 52 | $getuser2 = mysql_query($getuser); | 52 | $getuser2 = mysql_query($getuser); | 
| 53 | $getuser3 = mysql_fetch_array($getuser2); | 53 | $getuser3 = mysql_fetch_array($getuser2); | 
| 54 | 54 | ||
| @@ -97,7 +97,7 @@ function instaDisc_sendDatabase($cserver) | |||
| 97 | } | 97 | } | 
| 98 | 98 | ||
| 99 | $cserver2 = $_SERVER['HTTP_HOST']; | 99 | $cserver2 = $_SERVER['HTTP_HOST']; | 
| 100 | $getuk = "SELECT * FROM centralServers WHERE url = \"" . mysql_escape_string($cserver2) . "\""; | 100 | $getuk = "SELECT * FROM centralServers WHERE url = \"" . mysql_real_escape_string($cserver2) . "\""; | 
| 101 | $getuk2 = mysql_query($getuk); | 101 | $getuk2 = mysql_query($getuk); | 
| 102 | $getuk3 = mysql_fetch_array($getuk2); | 102 | $getuk3 = mysql_fetch_array($getuk2); | 
| 103 | 103 | ||
| @@ -113,16 +113,16 @@ function instaDisc_sendDatabase($cserver) | |||
| 113 | 113 | ||
| 114 | function instaDisc_addItem($username, $subscription, $title, $author, $url, $semantics) | 114 | function instaDisc_addItem($username, $subscription, $title, $author, $url, $semantics) | 
| 115 | { | 115 | { | 
| 116 | $getuser = "SELECT * FROM users WHERE username = \"" . mysql_escape_string($username) . "\""; | 116 | $getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($username) . "\""; | 
| 117 | $getuser2 = mysql_query($getuser); | 117 | $getuser2 = mysql_query($getuser); | 
| 118 | $getuser3 = mysql_fetch_array($getuser2); | 118 | $getuser3 = mysql_fetch_array($getuser2); | 
| 119 | if ($getuser3['username'] == $username) | 119 | if ($getuser3['username'] == $username) | 
| 120 | { | 120 | { | 
| 121 | $itemID = $getuser3['nextItemID']; | 121 | $itemID = $getuser3['nextItemID']; | 
| 122 | $setuser = "UPDATE users SET nextItemID = nextItemID+1 WHERE username = \"" . mysql_escape_string($username) . "\""; | 122 | $setuser = "UPDATE users SET nextItemID = nextItemID+1 WHERE username = \"" . mysql_real_escape_string($username) . "\""; | 
| 123 | $setuser2 = mysql_query($setuser); | 123 | $setuser2 = mysql_query($setuser); | 
| 124 | 124 | ||
| 125 | $insitem = "INSERT INTO inbox (username, itemID, subscription, title, author, url, semantics) VALUES (\"" . mysql_escape_string($username) . "\", " . $itemID . ", \"" . mysql_escape_string($subscription) . "\", \"" . mysql_escape_string($title) . "\", \"" . mysql_escape_string($author) . "\", \"" . mysql_escape_string($url) . "\", \"" . mysql_escape_string(serialize($semantics)) . "\")"; | 125 | $insitem = "INSERT INTO inbox (username, itemID, subscription, title, author, url, semantics) VALUES (\"" . mysql_real_escape_string($username) . "\", " . $itemID . ", \"" . mysql_real_escape_string($subscription) . "\", \"" . mysql_real_escape_string($title) . "\", \"" . mysql_real_escape_string($author) . "\", \"" . mysql_real_escape_string($url) . "\", \"" . mysql_real_escape_string(serialize($semantics)) . "\")"; | 
| 126 | $insitem2 = mysql_query($insitem); | 126 | $insitem2 = mysql_query($insitem); | 
| 127 | 127 | ||
| 128 | instaDisc_sendItem($username, $itemID); | 128 | instaDisc_sendItem($username, $itemID); | 
| @@ -152,7 +152,7 @@ function instaDisc_sendActivationEmail($username, $password, $email) | |||
| 152 | { | 152 | { | 
| 153 | $penKey = md5(rand(1,65536)); | 153 | $penKey = md5(rand(1,65536)); | 
| 154 | 154 | ||
| 155 | $inspending = "INSERT INTO pending (username, password, email, key) VALUES (\"" . mysql_escape_string($username) . "\", \"" . mysql_escape_string($password) . "\", \"" . mysql_escape_string($email) . "\", \"" . mysql_escape_string($penKey) . "\")"; | 155 | $inspending = "INSERT INTO pending (username, password, email, key) VALUES (\"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string($password) . "\", \"" . mysql_real_escape_string($email) . "\", \"" . mysql_real_escape_string($penKey) . "\")"; | 
| 156 | $inspending2 = mysql_query($inspending); | 156 | $inspending2 = mysql_query($inspending); | 
| 157 | 157 | ||
| 158 | $mail = instaDisc_phpMailer(); | 158 | $mail = instaDisc_phpMailer(); | 
| @@ -165,15 +165,15 @@ function instaDisc_sendActivationEmail($username, $password, $email) | |||
| 165 | 165 | ||
| 166 | function instaDisc_activateAccount($username, $penKey) | 166 | function instaDisc_activateAccount($username, $penKey) | 
| 167 | { | 167 | { | 
| 168 | $getuser = "SELECT * FROM pending WHERE username = \"" . mysql_escape_string($username) . "\" AND key = \"" . mysql_escape_string($penKey) . "\""; | 168 | $getuser = "SELECT * FROM pending WHERE username = \"" . mysql_real_escape_string($username) . "\" AND key = \"" . mysql_real_escape_string($penKey) . "\""; | 
| 169 | $getuser2 = mysql_query($getuser); | 169 | $getuser2 = mysql_query($getuser); | 
| 170 | $getuser3 = mysql_fetch_array($getuser2); | 170 | $getuser3 = mysql_fetch_array($getuser2); | 
| 171 | if ($getuser3['username'] == $username) | 171 | if ($getuser3['username'] == $username) | 
| 172 | { | 172 | { | 
| 173 | $insuser = "INSERT INTO users (username, password, email) VALUES (\"" . mysql_escape_string($username) . "\", \"" . mysql_escape_string($password) . "\", \"" . mysql_escape_string($email) . "\")"; | 173 | $insuser = "INSERT INTO users (username, password, email) VALUES (\"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string($password) . "\", \"" . mysql_real_escape_string($email) . "\")"; | 
| 174 | $insuser2 = mysql_query($insuser); | 174 | $insuser2 = mysql_query($insuser); | 
| 175 | 175 | ||
| 176 | $delpending = "DELETE FROM pending WHERE username = \"" . mysql_escape_string($username) . "\""; | 176 | $delpending = "DELETE FROM pending WHERE username = \"" . mysql_real_escape_string($username) . "\""; | 
| 177 | $delpending2 = mysql_query($delpending); | 177 | $delpending2 = mysql_query($delpending); | 
| 178 | 178 | ||
| 179 | $mail = instaDisc_phpMailer(); | 179 | $mail = instaDisc_phpMailer(); | 
| @@ -189,12 +189,12 @@ function instaDisc_activateAccount($username, $penKey) | |||
| 189 | 189 | ||
| 190 | function instaDisc_deactivateAccount($username, $penKey) | 190 | function instaDisc_deactivateAccount($username, $penKey) | 
| 191 | { | 191 | { | 
| 192 | $getuser = "SELECT * FROM pending WHERE username = \"" . mysql_escape_string($username) . "\" AND key = \"" . mysql_escape_string($penKey) . "\""; | 192 | $getuser = "SELECT * FROM pending WHERE username = \"" . mysql_real_escape_string($username) . "\" AND key = \"" . mysql_real_escape_string($penKey) . "\""; | 
| 193 | $getuser2 = mysql_query($getuser); | 193 | $getuser2 = mysql_query($getuser); | 
| 194 | $getuser3 = mysql_fetch_array($getuser2); | 194 | $getuser3 = mysql_fetch_array($getuser2); | 
| 195 | if ($getuser3['username'] == $username) | 195 | if ($getuser3['username'] == $username) | 
| 196 | { | 196 | { | 
| 197 | $delpending = "DELETE FROM pending WHERE username = \"" . mysql_escape_string($username) . "\""; | 197 | $delpending = "DELETE FROM pending WHERE username = \"" . mysql_real_escape_string($username) . "\""; | 
| 198 | $delpending2 = mysql_query($delpending); | 198 | $delpending2 = mysql_query($delpending); | 
| 199 | 199 | ||
| 200 | return true; | 200 | return true; | 
| @@ -210,18 +210,18 @@ function instaDisc_verifyUser($username, $password) | |||
| 210 | 210 | ||
| 211 | function instaDisc_deleteAccount($username) | 211 | function instaDisc_deleteAccount($username) | 
| 212 | { | 212 | { | 
| 213 | $getuser = "SELECT * FROM users WHERE username = \"" . mysql_escape_string($username) . "\""; | 213 | $getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($username) . "\""; | 
| 214 | $getuser2 = mysql_query($getuser); | 214 | $getuser2 = mysql_query($getuser); | 
| 215 | $getuser3 = mysql_fetch_array($getuser2); | 215 | $getuser3 = mysql_fetch_array($getuser2); | 
| 216 | if ($getuser3['username'] == $username) | 216 | if ($getuser3['username'] == $username) | 
| 217 | { | 217 | { | 
| 218 | $deluser = "DELETE FROM users WHERE username = \"" . mysql_escape_string($username) . "\""; | 218 | $deluser = "DELETE FROM users WHERE username = \"" . mysql_real_escape_string($username) . "\""; | 
| 219 | $deluser2 = mysql_query($deluser); | 219 | $deluser2 = mysql_query($deluser); | 
| 220 | 220 | ||
| 221 | $delsubs = "DELETE FROM subscriptions WHERE username = \"" . mysql_escape_string($username) . "\""; | 221 | $delsubs = "DELETE FROM subscriptions WHERE username = \"" . mysql_real_escape_string($username) . "\""; | 
| 222 | $delsubs2 = mysql_query($delsubs); | 222 | $delsubs2 = mysql_query($delsubs); | 
| 223 | 223 | ||
| 224 | $delitems = "DELETE FROM inbox WHERE username = \"" . mysql_escape_string($username) . "\""; | 224 | $delitems = "DELETE FROM inbox WHERE username = \"" . mysql_real_escape_string($username) . "\""; | 
| 225 | $delitems2 = mysql_query($delitems); | 225 | $delitems2 = mysql_query($delitems); | 
| 226 | 226 | ||
| 227 | return true; | 227 | return true; | 
| @@ -232,7 +232,7 @@ function instaDisc_deleteAccount($username) | |||
| 232 | 232 | ||
| 233 | function instaDisc_getConfig($key) | 233 | function instaDisc_getConfig($key) | 
| 234 | { | 234 | { | 
| 235 | $getconfig = "SELECT * FROM config WHERE name = \"" . mysql_escape_string($key) . "\""; | 235 | $getconfig = "SELECT * FROM config WHERE name = \"" . mysql_real_escape_string($key) . "\""; | 
| 236 | $getconfig2 = mysql_query($getconfig); | 236 | $getconfig2 = mysql_query($getconfig); | 
| 237 | $getconfig3 = mysql_fetch_array($getconfig2); | 237 | $getconfig3 = mysql_fetch_array($getconfig2); | 
| 238 | 238 | ||
| @@ -241,7 +241,7 @@ function instaDisc_getConfig($key) | |||
| 241 | 241 | ||
| 242 | function instaDisc_listSubscriptions($username) | 242 | function instaDisc_listSubscriptions($username) | 
| 243 | { | 243 | { | 
| 244 | $getsubs = "SELECT * FROM subscriptions WHERE username = \"" . mysql_escape_string($username) . "\" AND owner = \"true\""; | 244 | $getsubs = "SELECT * FROM subscriptions WHERE username = \"" . mysql_real_escape_string($username) . "\" AND owner = \"true\""; | 
| 245 | $getsubs2 = mysql_query($getsubs); | 245 | $getsubs2 = mysql_query($getsubs); | 
| 246 | $i=0; | 246 | $i=0; | 
| 247 | while ($getsubs3[$i] = mysql_fetch_array($getsubs2)) | 247 | while ($getsubs3[$i] = mysql_fetch_array($getsubs2)) | 
| @@ -257,12 +257,12 @@ function instaDisc_listSubscriptions($username) | |||
| 257 | 257 | ||
| 258 | function instaDisc_addSubscription($username, $url) | 258 | function instaDisc_addSubscription($username, $url) | 
| 259 | { | 259 | { | 
| 260 | $getcode = "SELECT * FROM pending2 WHERE username = \"" . mysql_escape_string($username) . "\" AND url = \"" . mysql_escape_string($url) . "\""; | 260 | $getcode = "SELECT * FROM pending2 WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\""; | 
| 261 | $getcode2 = mysql_query($getcode); | 261 | $getcode2 = mysql_query($getcode); | 
| 262 | $getcode3 = mysql_fetch_array($getcode2); | 262 | $getcode3 = mysql_fetch_array($getcode2); | 
| 263 | if ($getcode3['username'] == $username) | 263 | if ($getcode3['username'] == $username) | 
| 264 | { | 264 | { | 
| 265 | $delcode = "DELETE FROM pending2 WHERE username = \"" . mysql_escape_string($username) . "\" AND url = \"" . mysql_escape_string($url) . "\""; | 265 | $delcode = "DELETE FROM pending2 WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\""; | 
| 266 | $delcode2 = mysql_query($delcode); | 266 | $delcode2 = mysql_query($delcode); | 
| 267 | 267 | ||
| 268 | $c = curl_init(); | 268 | $c = curl_init(); | 
| @@ -289,7 +289,7 @@ function instaDisc_addSubscription($username, $url) | |||
| 289 | { | 289 | { | 
| 290 | if ($header['Key'] == $getcode3['code']) | 290 | if ($header['Key'] == $getcode3['code']) | 
| 291 | { | 291 | { | 
| 292 | $inssub = "INSERT INTO subscriptions (username,url,owner) VALUES (\"" . mysql_escape_string($username) . "\", \"" . mysql_escape_string($header['Subscription']) . "\", \"true\")"; | 292 | $inssub = "INSERT INTO subscriptions (username,url,owner) VALUES (\"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string($header['Subscription']) . "\", \"true\")"; | 
| 293 | $inssub2 = mysql_query($inssub); | 293 | $inssub2 = mysql_query($inssub); | 
| 294 | 294 | ||
| 295 | return true; | 295 | return true; | 
| @@ -305,7 +305,7 @@ function instaDisc_addSubscription($username, $url) | |||
| 305 | 305 | ||
| 306 | function instaDisc_listPendingSubscriptions($username) | 306 | function instaDisc_listPendingSubscriptions($username) | 
| 307 | { | 307 | { | 
| 308 | $getsubs = "SELECT * FROM pending2 WHERE username = \"" . mysql_escape_string($username) . "\""; | 308 | $getsubs = "SELECT * FROM pending2 WHERE username = \"" . mysql_real_escape_string($username) . "\""; | 
| 309 | $getsubs2 = mysql_query($getsubs); | 309 | $getsubs2 = mysql_query($getsubs); | 
| 310 | $i=0; | 310 | $i=0; | 
| 311 | while ($getsubs3[$i] = mysql_fetch_array($getsubs2)) | 311 | while ($getsubs3[$i] = mysql_fetch_array($getsubs2)) | 
| @@ -323,7 +323,7 @@ function instaDisc_generateSubscriptionActivation($username, $url) | |||
| 323 | { | 323 | { | 
| 324 | $key = md5(rand(1,65536)); | 324 | $key = md5(rand(1,65536)); | 
| 325 | 325 | ||
| 326 | $inspending = "INSERT INTO pending2 (username, url, key) VALUES (\"" . mysql_escape_string($username) . "\", \"" . mysql_escape_string($url) . "\", \"" . mysql_escape_string($key) . "\")"; | 326 | $inspending = "INSERT INTO pending2 (username, url, key) VALUES (\"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string($url) . "\", \"" . mysql_real_escape_string($key) . "\")"; | 
| 327 | $inspending2 = mysql_query($inspending); | 327 | $inspending2 = mysql_query($inspending); | 
| 328 | 328 | ||
| 329 | return $key; | 329 | return $key; | 
| @@ -331,7 +331,7 @@ function instaDisc_generateSubscriptionActivation($username, $url) | |||
| 331 | 331 | ||
| 332 | function instaDisc_deleteSubscription($username, $url) | 332 | function instaDisc_deleteSubscription($username, $url) | 
| 333 | { | 333 | { | 
| 334 | $delsub = "DELETE FROM subscriptions WHERE username = \"" . mysql_escape_string($username) . "\" AND url = \"" . mysql_escape_string($url) . "\")"; | 334 | $delsub = "DELETE FROM subscriptions WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\")"; | 
| 335 | $delsub2 = mysql_query($delsub); | 335 | $delsub2 = mysql_query($delsub); | 
| 336 | 336 | ||
| 337 | return true; | 337 | return true; | 
| @@ -339,7 +339,7 @@ function instaDisc_deleteSubscription($username, $url) | |||
| 339 | 339 | ||
| 340 | function instaDisc_cancelSubscription($username, $url) | 340 | function instaDisc_cancelSubscription($username, $url) | 
| 341 | { | 341 | { | 
| 342 | $delsub = "DELETE FROM pending2 WHERE username = \"" . mysql_escape_string($username) . "\" AND url = \"" . mysql_escape_string($url) . "\")"; | 342 | $delsub = "DELETE FROM pending2 WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\")"; | 
| 343 | $delsub2 = mysql_query($delsub); | 343 | $delsub2 = mysql_query($delsub); | 
| 344 | 344 | ||
| 345 | return true; | 345 | return true; | 
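Review bot: The escaping only covers the quoted string operands; the integer operands are still concatenated bare on the new side — `$verificationID` in the `SELECT` and `INSERT` of instaDisc_checkVerification and `$id` in instaDisc_sendItem — so mysql_real_escape_string gives them no protection. Cast them where they enter the query, e.g. `" AND verID = " . intval($verificationID)` and `" AND itemID = " . intval($id)`; the same applies to `$id` in deleteItem and resendItem in xmlrpc.php. Two further defects in the rewritten lines go unaddressed: the DELETE strings in instaDisc_deleteSubscription and instaDisc_cancelSubscription end with a stray `)` after the closing quote, which makes the statement invalid SQL, and instaDisc_activateAccount inserts `$password` and `$email`, which are neither parameters nor assigned anywhere in the visible hunk (presumably they should be read from `$getuser3`). Note also that mysql_real_escape_string, unlike its predecessor, requires an open connection and returns false otherwise, which concatenates as an empty string; if the connection is not guaranteed to be open before these helpers run, that return value should be checked.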
| diff --git a/central/trunk/xmlrpc.php b/central/trunk/xmlrpc.php index cd0bb06..5ac5868 100644 --- a/central/trunk/xmlrpc.php +++ b/central/trunk/xmlrpc.php | |||
| @@ -21,12 +21,12 @@ function deleteItem($username, $verification, $verificationID, $id) | |||
| 21 | { | 21 | { | 
| 22 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) | 22 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) | 
| 23 | { | 23 | { | 
| 24 | $getitem = "SELECT * FROM inbox WHERE username = \"" . mysql_escape_string($username) . "\" AND itemID = " . $id; | 24 | $getitem = "SELECT * FROM inbox WHERE username = \"" . mysql_real_escape_string($username) . "\" AND itemID = " . $id; | 
| 25 | $getitem2 = mysql_query($getitem); | 25 | $getitem2 = mysql_query($getitem); | 
| 26 | $getitem3 = mysql_fetch_array($getitem2); | 26 | $getitem3 = mysql_fetch_array($getitem2); | 
| 27 | if ($getitem3['id'] == $id) | 27 | if ($getitem3['id'] == $id) | 
| 28 | { | 28 | { | 
| 29 | $delitem = "DELETE FROM inbox WHERE username = \"" . mysql_escape_string($username) . "\" AND itemID = " . $id; | 29 | $delitem = "DELETE FROM inbox WHERE username = \"" . mysql_real_escape_string($username) . "\" AND itemID = " . $id; | 
| 30 | $delitem2 = mysql_query($delitem); | 30 | $delitem2 = mysql_query($delitem); | 
| 31 | 31 | ||
| 32 | return new xmlrpcresp(new xmlrpcval(0, "int")); | 32 | return new xmlrpcresp(new xmlrpcval(0, "int")); | 
| @@ -40,7 +40,7 @@ function resendItem($username, $verification, $verificationID, $id) | |||
| 40 | { | 40 | { | 
| 41 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) | 41 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) | 
| 42 | { | 42 | { | 
| 43 | $getitem = "SELECT * FROM inbox WHERE username = \"" . mysql_escape_string($username) . "\" AND itemID = " . $id; | 43 | $getitem = "SELECT * FROM inbox WHERE username = \"" . mysql_real_escape_string($username) . "\" AND itemID = " . $id; | 
| 44 | $getitem2 = mysql_query($getitem); | 44 | $getitem2 = mysql_query($getitem); | 
| 45 | $getitem3 = mysql_fetch_array($getitem2); | 45 | $getitem3 = mysql_fetch_array($getitem2); | 
| 46 | if ($getitem3['id'] == $id) | 46 | if ($getitem3['id'] == $id) | 
| @@ -58,7 +58,7 @@ function requestRetained($username, $verification, $veriicationID) | |||
| 58 | { | 58 | { | 
| 59 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) | 59 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) | 
| 60 | { | 60 | { | 
| 61 | $getitems = "SELECT * FROM inbox WHERE username = \"" . mysql_escape_string($username) . "\""; | 61 | $getitems = "SELECT * FROM inbox WHERE username = \"" . mysql_real_escape_string($username) . "\""; | 
| 62 | $getitems2 = mysql_query($getitems); | 62 | $getitems2 = mysql_query($getitems); | 
| 63 | $i=0; | 63 | $i=0; | 
| 64 | while ($getitems3[$i] = mysql_fetch_array($getitems2)) | 64 | while ($getitems3[$i] = mysql_fetch_array($getitems2)) | 
| @@ -77,13 +77,13 @@ function sendFromUpdate($username, $verification, $verificationID, $subscription | |||
| 77 | { | 77 | { | 
| 78 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) | 78 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) | 
| 79 | { | 79 | { | 
| 80 | $getusubs = "SELECT * FROM subscriptions WHERE username = \"" . mysql_escape_string($username) . "\" AND uri = \"" . mysql_escape_string($subscription) . "\" AND owner = \"true\""; | 80 | $getusubs = "SELECT * FROM subscriptions WHERE username = \"" . mysql_real_escape_string($username) . "\" AND uri = \"" . mysql_real_escape_string($subscription) . "\" AND owner = \"true\""; | 
| 81 | $getusubs2 = mysql_query($getusubs); | 81 | $getusubs2 = mysql_query($getusubs); | 
| 82 | $getusubs3 = mysql_fetch_array($getusubs2); | 82 | $getusubs3 = mysql_fetch_array($getusubs2); | 
| 83 | if ($getusubs['username'] == $username) | 83 | if ($getusubs['username'] == $username) | 
| 84 | { | 84 | { | 
| 85 | $cserver = $_SERVER['HTTP_HOST']; | 85 | $cserver = $_SERVER['HTTP_HOST']; | 
| 86 | $getuk = "SELECT * FROM centralServers WHERE url = \"" . mysql_escape_string($cserver) . "\""; | 86 | $getuk = "SELECT * FROM centralServers WHERE url = \"" . mysql_real_escape_string($cserver) . "\""; | 
| 87 | $getuk2 = mysql_query($getuk); | 87 | $getuk2 = mysql_query($getuk); | 
| 88 | $getuk3 = mysql_fetch_array($getuk2); | 88 | $getuk3 = mysql_fetch_array($getuk2); | 
| 89 | 89 | ||
| @@ -126,7 +126,7 @@ function sendFromCentral($cserver, $verification, $verificationID, $subscription | |||
| 126 | } else if ($softwareVersion < instaDisc_getConfig('softwareVersion')) | 126 | } else if ($softwareVersion < instaDisc_getConfig('softwareVersion')) | 
| 127 | { | 127 | { | 
| 128 | $cserver2 = $_SERVER['HTTP_HOST']; | 128 | $cserver2 = $_SERVER['HTTP_HOST']; | 
| 129 | $getuk = "SELECT * FROM centralServers WHERE url = \"" . mysql_escape_string($cserver2) . "\""; | 129 | $getuk = "SELECT * FROM centralServers WHERE url = \"" . mysql_real_escape_string($cserver2) . "\""; | 
| 130 | $getuk2 = mysql_query($getuk); | 130 | $getuk2 = mysql_query($getuk); | 
| 131 | $getuk3 = mysql_fetch_array($getuk2); | 131 | $getuk3 = mysql_fetch_array($getuk2); | 
| 132 | 132 | ||
| @@ -143,7 +143,7 @@ function sendFromCentral($cserver, $verification, $verificationID, $subscription | |||
| 143 | if ($databaseVersion > instaDisc_getConfig('databaseVersion')) | 143 | if ($databaseVersion > instaDisc_getConfig('databaseVersion')) | 
| 144 | { | 144 | { | 
| 145 | $cserver2 = $_SERVER['HTTP_HOST']; | 145 | $cserver2 = $_SERVER['HTTP_HOST']; | 
| 146 | $getuk = "SELECT * FROM centralServers WHERE url = \"" . mysql_escape_string($cserver2) . "\""; | 146 | $getuk = "SELECT * FROM centralServers WHERE url = \"" . mysql_real_escape_string($cserver2) . "\""; | 
| 147 | $getuk2 = mysql_query($getuk); | 147 | $getuk2 = mysql_query($getuk); | 
| 148 | $getuk3 = mysql_fetch_array($getuk2); | 148 | $getuk3 = mysql_fetch_array($getuk2); | 
| 149 | 149 | ||
| @@ -160,7 +160,7 @@ function sendFromCentral($cserver, $verification, $verificationID, $subscription | |||
| 160 | instaDisc_sendDatabase($cserver); | 160 | instaDisc_sendDatabase($cserver); | 
| 161 | } | 161 | } | 
| 162 | 162 | ||
| 163 | $getsed = "SELECT * FROM subscriptions WHERE uri = \"" . mysql_escape_string($subscription) . "\""; | 163 | $getsed = "SELECT * FROM subscriptions WHERE uri = \"" . mysql_real_escape_string($subscription) . "\""; | 
| 164 | $getsed2 = mysql_query($getsed); | 164 | $getsed2 = mysql_query($getsed); | 
| 165 | $i=0; | 165 | $i=0; | 
| 166 | while ($getsed3[$i] = mysql_fetch_array($getsed2)) | 166 | while ($getsed3[$i] = mysql_fetch_array($getsed2)) | 
| @@ -209,12 +209,12 @@ function deleteSubscription($username, $verification, $verificationID, $subscrip | |||
| 209 | { | 209 | { | 
| 210 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) | 210 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) | 
| 211 | { | 211 | { | 
| 212 | $getsub = "SELECT * FROM subscriptions WHERE url = \"" . mysql_escape_string($subscription) . "\" AND username = \"" . mysql_escape_string($username) . "\" AND owner = \"false\""; | 212 | $getsub = "SELECT * FROM subscriptions WHERE url = \"" . mysql_real_escape_string($subscription) . "\" AND username = \"" . mysql_real_escape_string($username) . "\" AND owner = \"false\""; | 
| 213 | $getsub2 = mysql_query($getsub); | 213 | $getsub2 = mysql_query($getsub); | 
| 214 | $getsub3 = mysql_fetch_array($getsub2); | 214 | $getsub3 = mysql_fetch_array($getsub2); | 
| 215 | if ($getsub3['url'] == $subscription) | 215 | if ($getsub3['url'] == $subscription) | 
| 216 | { | 216 | { | 
| 217 | $delsub = "DELETE FROM subscriptions WHERE url = \"" . mysql_escape_string($subscription) . "\" AND username = \"" . mysql_escape_string($username) . "\" AND owner = \"false\""; | 217 | $delsub = "DELETE FROM subscriptions WHERE url = \"" . mysql_real_escape_string($subscription) . "\" AND username = \"" . mysql_real_escape_string($username) . "\" AND owner = \"false\""; | 
| 218 | $delsub2 = mysql_query($delsub); | 218 | $delsub2 = mysql_query($delsub); | 
| 219 | 219 | ||
| 220 | return new xmlrpcresp(new xmlrpcval(0, "int")); | 220 | return new xmlrpcresp(new xmlrpcval(0, "int")); | 
| @@ -228,7 +228,7 @@ function addSubscription($username, $verification, $verificationID, $subscriptio | |||
| 228 | { | 228 | { | 
| 229 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) | 229 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) | 
| 230 | { | 230 | { | 
| 231 | $inssub = "INSERT INTO subscriptions (url, username, owner) VALUES (\"" . mysql_escape_string($subscription) . "\", \"" . mysql_escape_string($username) . "\", \"false\")"; | 231 | $inssub = "INSERT INTO subscriptions (url, username, owner) VALUES (\"" . mysql_real_escape_string($subscription) . "\", \"" . mysql_real_escape_string($username) . "\", \"false\")"; | 
| 232 | $inssub2 = mysql_query($inssub); | 232 | $inssub2 = mysql_query($inssub); | 
| 233 | 233 | ||
| 234 | return new xmlrpcresp(new xmlrpcval(0, "int")); | 234 | return new xmlrpcresp(new xmlrpcval(0, "int")); | 
| @@ -254,7 +254,7 @@ function sendDatabase($cserver, $verification, $verificationID, $db) | |||
| 254 | 254 | ||
| 255 | foreach($db as $name => $value) | 255 | foreach($db as $name => $value) | 
| 256 | { | 256 | { | 
| 257 | $insdb = "INSERT INTO centralServers (url, key, xmlrpc) VALUES (\"" . mysql_escape_string($name) . "\", \"" . mysql_escape_string($value['key']) . "\", \"" . mysql_escape_string($value['xmlrpc']) . "\")"; | 257 | $insdb = "INSERT INTO centralServers (url, key, xmlrpc) VALUES (\"" . mysql_real_escape_string($name) . "\", \"" . mysql_real_escape_string($value['key']) . "\", \"" . mysql_real_escape_string($value['xmlrpc']) . "\")"; | 
| 258 | $insdb2 = mysql_query($insdb); | 258 | $insdb2 = mysql_query($insdb); | 
| 259 | } | 259 | } | 
| 260 | 260 | ||
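Review bot: In sendFromUpdate the ownership check reads `$getusubs['username']`, which indexes the SQL string rather than the fetched row `$getusubs3`, so the comparison never inspects the query result; it should be `if ($getusubs3['username'] == $username)`. This is a pre-existing line the commit leaves untouched, but it sits between two rewritten queries and decides whether the subsequent sends happen at all. Separately, `$id` in deleteItem and resendItem is still concatenated unescaped into the `itemID` comparisons; `intval($id)` at those three concatenations would close the gap the new escaping leaves. The hunk header for requestRetained also shows the parameter spelled `$veriicationID` while the body passes `$verificationID` to instaDisc_checkVerification — the signature itself is outside the hunk, so confirm against the file.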
