diff options
author | Kelly Rauchenberger <fefferburbia@gmail.com> | 2008-08-01 18:34:35 +0000 |
---|---|---|
committer | Kelly Rauchenberger <fefferburbia@gmail.com> | 2008-08-01 18:34:35 +0000 |
commit | edc9d436c4e4f9fa3cb00256652190359a4ddc20 (patch) | |
tree | 38cf352c9501dfcbb283565d83f9e16c8eff3c60 | |
parent | 0114b7b5ddaf919a61b108f5006a256b81178c3d (diff) | |
download | instadisc-edc9d436c4e4f9fa3cb00256652190359a4ddc20.tar.gz instadisc-edc9d436c4e4f9fa3cb00256652190359a4ddc20.tar.bz2 instadisc-edc9d436c4e4f9fa3cb00256652190359a4ddc20.zip |
Central: MySQL-escaped query strings
Wrapped strings in MySQL queries with mysql_escape_string() to prevent errors and XSS-attacks.
-rw-r--r-- | central/trunk/instadisc.php | 8 | ||||
-rw-r--r-- | central/trunk/xmlrpc.php | 22 |
2 files changed, 15 insertions, 15 deletions
diff --git a/central/trunk/instadisc.php b/central/trunk/instadisc.php index f4fcd1e..d32d2d7 100644 --- a/central/trunk/instadisc.php +++ b/central/trunk/instadisc.php | |||
@@ -6,7 +6,7 @@ include_once('db.php'); | |||
6 | 6 | ||
7 | function instaDisc_checkVerification($username, $verification, $verificationID, $table, $nameField, $passField) | 7 | function instaDisc_checkVerification($username, $verification, $verificationID, $table, $nameField, $passField) |
8 | { | 8 | { |
9 | $getitem = "SELECT * FROM " . $table . " WHERE " . $nameField . " = \"" . $username . "\""; | 9 | $getitem = "SELECT * FROM " . $table . " WHERE " . $nameField . " = \"" . mysql_escape_string($username) . "\""; |
10 | $getitem2 = mysql_query($getitem); | 10 | $getitem2 = mysql_query($getitem); |
11 | $getitem3 = mysql_fetch_array($getitem2); | 11 | $getitem3 = mysql_fetch_array($getitem2); |
12 | if ($getitem3[$nameField] == $username) | 12 | if ($getitem3[$nameField] == $username) |
@@ -41,16 +41,16 @@ function instaDisc_sendDatabase($cserver) | |||
41 | 41 | ||
42 | function instaDisc_addItem($username, $subscription, $title, $author, $url, $semantics) | 42 | function instaDisc_addItem($username, $subscription, $title, $author, $url, $semantics) |
43 | { | 43 | { |
44 | $getuser = "SELECT * FROM users WHERE username = \"" . $username . "\""; | 44 | $getuser = "SELECT * FROM users WHERE username = \"" . mysql_escape_string($username) . "\""; |
45 | $getuser2 = mysql_query($getuser); | 45 | $getuser2 = mysql_query($getuser); |
46 | $getuser3 = mysql_fetch_array($getuser2); | 46 | $getuser3 = mysql_fetch_array($getuser2); |
47 | if ($getuser3['username'] == $username) | 47 | if ($getuser3['username'] == $username) |
48 | { | 48 | { |
49 | $itemID = $getuser3['nextItemID']; | 49 | $itemID = $getuser3['nextItemID']; |
50 | $setuser = "UPDATE users SET nextItemID = nextItemID+1 WHERE username = \"" . $username . "\""; | 50 | $setuser = "UPDATE users SET nextItemID = nextItemID+1 WHERE username = \"" . mysql_escape_string($username) . "\""; |
51 | $setuser2 = mysql_query($setuser); | 51 | $setuser2 = mysql_query($setuser); |
52 | 52 | ||
53 | $insitem = "INSERT INTO inbox (username, itemID, subscription, title, author, url, semantics) VALUES (\"" . $username . "\", " . $itemID . ", \"" . $subscription . "\", \"" . $title . "\", \"" . $author . "\", \"" . $url . "\", \"" . serialize($semantics) . "\")"; | 53 | $insitem = "INSERT INTO inbox (username, itemID, subscription, title, author, url, semantics) VALUES (\"" . mysql_escape_string($username) . "\", " . $itemID . ", \"" . mysql_escape_string($subscription) . "\", \"" . mysql_escape_string($title) . "\", \"" . mysql_escape_string($author) . "\", \"" . mysql_escape_string($url) . "\", \"" . mysql_escape_string(serialize($semantics)) . "\")"; |
54 | $insitem2 = mysql_query($insitem); | 54 | $insitem2 = mysql_query($insitem); |
55 | 55 | ||
56 | instaDisc_sendItem($username, $itemID); | 56 | instaDisc_sendItem($username, $itemID); |
diff --git a/central/trunk/xmlrpc.php b/central/trunk/xmlrpc.php index 16a2c29..68ff92d 100644 --- a/central/trunk/xmlrpc.php +++ b/central/trunk/xmlrpc.php | |||
@@ -21,12 +21,12 @@ function deleteItem($username, $verification, $verificationID, $id) | |||
21 | { | 21 | { |
22 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) | 22 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) |
23 | { | 23 | { |
24 | $getitem = "SELECT * FROM inbox WHERE username = \"" . $username . "\" AND itemID = " . $id; | 24 | $getitem = "SELECT * FROM inbox WHERE username = \"" . mysql_escape_string($username) . "\" AND itemID = " . $id; |
25 | $getitem2 = mysql_query($getitem); | 25 | $getitem2 = mysql_query($getitem); |
26 | $getitem3 = mysql_fetch_array($getitem2); | 26 | $getitem3 = mysql_fetch_array($getitem2); |
27 | if ($getitem3['id'] == $id) | 27 | if ($getitem3['id'] == $id) |
28 | { | 28 | { |
29 | $delitem = "DELETE inbox WHERE username = \"" . $username . "\" AND itemID = " . $id; | 29 | $delitem = "DELETE inbox WHERE username = \"" . mysql_escape_string($username) . "\" AND itemID = " . $id; |
30 | $delitem2 = mysql_query($delitem); | 30 | $delitem2 = mysql_query($delitem); |
31 | 31 | ||
32 | return new xmlrpcresp(new xmlrpcval(0, "int")); | 32 | return new xmlrpcresp(new xmlrpcval(0, "int")); |
@@ -40,7 +40,7 @@ function resendItem($username, $verification, $verificationID, $id) | |||
40 | { | 40 | { |
41 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) | 41 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) |
42 | { | 42 | { |
43 | $getitem = "SELECT * FROM inbox WHERE username = \"" . $username . "\" AND itemID = " . $id; | 43 | $getitem = "SELECT * FROM inbox WHERE username = \"" . mysql_escape_string($username) . "\" AND itemID = " . $id; |
44 | $getitem2 = mysql_query($getitem); | 44 | $getitem2 = mysql_query($getitem); |
45 | $getitem3 = mysql_fetch_array($getitem2); | 45 | $getitem3 = mysql_fetch_array($getitem2); |
46 | if ($getitem3['id'] == $id) | 46 | if ($getitem3['id'] == $id) |
@@ -58,13 +58,13 @@ function sendFromUpdate($username, $verification, $verificationID, $subscription | |||
58 | { | 58 | { |
59 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) | 59 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) |
60 | { | 60 | { |
61 | $getusubs = "SELECT * FROM subscriptions WHERE username = \"" . $username . "\" AND uri = \"" . $subscription . "\" AND owner = \"true\""; | 61 | $getusubs = "SELECT * FROM subscriptions WHERE username = \"" . mysql_escape_string($username) . "\" AND uri = \"" . mysql_escape_string($subscription) . "\" AND owner = \"true\""; |
62 | $getusubs2 = mysql_query($getusubs); | 62 | $getusubs2 = mysql_query($getusubs); |
63 | $getusubs3 = mysql_fetch_array($getusubs2); | 63 | $getusubs3 = mysql_fetch_array($getusubs2); |
64 | if ($getusubs['username'] == $username) | 64 | if ($getusubs['username'] == $username) |
65 | { | 65 | { |
66 | $cserver = $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']; | 66 | $cserver = $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']; |
67 | $getuk = "SELECT * FROM centralServers WHERE url = \"" . $cserver . "\""; | 67 | $getuk = "SELECT * FROM centralServers WHERE url = \"" . mysql_escape_string($cserver) . "\""; |
68 | $getuk2 = mysql_query($getuk); | 68 | $getuk2 = mysql_query($getuk); |
69 | $getuk3 = mysql_fetch_array($getuk2); | 69 | $getuk3 = mysql_fetch_array($getuk2); |
70 | 70 | ||
@@ -107,7 +107,7 @@ function sendFromCentral($cserver, $verification, $verificationID, $subscription | |||
107 | } else if ($softwareVersion < getConfig('softwareVersion')) | 107 | } else if ($softwareVersion < getConfig('softwareVersion')) |
108 | { | 108 | { |
109 | $cserver2 = $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']; | 109 | $cserver2 = $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']; |
110 | $getuk = "SELECT * FROM centralServers WHERE url = \"" . $cserver2 . "\""; | 110 | $getuk = "SELECT * FROM centralServers WHERE url = \"" . mysql_escape_string($cserver2) . "\""; |
111 | $getuk2 = mysql_query($getuk); | 111 | $getuk2 = mysql_query($getuk); |
112 | $getuk3 = mysql_fetch_array($getuk2); | 112 | $getuk3 = mysql_fetch_array($getuk2); |
113 | 113 | ||
@@ -124,7 +124,7 @@ function sendFromCentral($cserver, $verification, $verificationID, $subscription | |||
124 | if ($databaseVersion > getConfig('databaseVersion')) | 124 | if ($databaseVersion > getConfig('databaseVersion')) |
125 | { | 125 | { |
126 | $cserver2 = $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']; | 126 | $cserver2 = $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']; |
127 | $getuk = "SELECT * FROM centralServers WHERE url = \"" . $cserver2 . "\""; | 127 | $getuk = "SELECT * FROM centralServers WHERE url = \"" . mysql_escape_string($cserver2) . "\""; |
128 | $getuk2 = mysql_query($getuk); | 128 | $getuk2 = mysql_query($getuk); |
129 | $getuk3 = mysql_fetch_array($getuk2); | 129 | $getuk3 = mysql_fetch_array($getuk2); |
130 | 130 | ||
@@ -141,7 +141,7 @@ function sendFromCentral($cserver, $verification, $verificationID, $subscription | |||
141 | instaDisc_sendDatabase($cserver); | 141 | instaDisc_sendDatabase($cserver); |
142 | } | 142 | } |
143 | 143 | ||
144 | $getsed = "SELECT * FROM subscriptions WHERE uri = \"" . $subscription . "\""; | 144 | $getsed = "SELECT * FROM subscriptions WHERE uri = \"" . mysql_escape_string($subscription) . "\""; |
145 | $getsed2 = mysql_query($getsed); | 145 | $getsed2 = mysql_query($getsed); |
146 | $i=0; | 146 | $i=0; |
147 | while ($getsed3[$i] = mysql_fetch_array($getsed2)) | 147 | while ($getsed3[$i] = mysql_fetch_array($getsed2)) |
@@ -190,12 +190,12 @@ function deleteSubscription($username, $verification, $verificationID, $subscrip | |||
190 | { | 190 | { |
191 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) | 191 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) |
192 | { | 192 | { |
193 | $getsub = "SELECT * FROM subscriptions WHERE url = \"" . $subscription . "\" AND username = \"" . $username . "\" AND owner = \"false\""; | 193 | $getsub = "SELECT * FROM subscriptions WHERE url = \"" . mysql_escape_string($subscription) . "\" AND username = \"" . mysql_escape_string($username) . "\" AND owner = \"false\""; |
194 | $getsub2 = mysql_query($getsub); | 194 | $getsub2 = mysql_query($getsub); |
195 | $getsub3 = mysql_fetch_array($getsub2); | 195 | $getsub3 = mysql_fetch_array($getsub2); |
196 | if ($getsub3['url'] == $subscription) | 196 | if ($getsub3['url'] == $subscription) |
197 | { | 197 | { |
198 | $delsub = "DELETE subscriptions WHERE url = \"" . $subscription . "\" AND username = \"" . $username . "\" AND owner = \"false\""; | 198 | $delsub = "DELETE subscriptions WHERE url = \"" . mysql_escape_string($subscription) . "\" AND username = \"" . mysql_escape_string($username . "\" AND owner = \"false\""; |
199 | $delsub2 = mysql_query($delsub); | 199 | $delsub2 = mysql_query($delsub); |
200 | 200 | ||
201 | return new xmlrpcresp(new xmlrpcval(0, "int")); | 201 | return new xmlrpcresp(new xmlrpcval(0, "int")); |
@@ -209,7 +209,7 @@ function addSubscription($username, $verification, $verificationID, $subscriptio | |||
209 | { | 209 | { |
210 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) | 210 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) |
211 | { | 211 | { |
212 | $inssub = "INSERT INTO subscriptions (url, username, owner) VALUES (\"" . $subscription . "\", \"" . $username . "\", \"false\")"; | 212 | $inssub = "INSERT INTO subscriptions (url, username, owner) VALUES (\"" . mysql_escape_string($subscription) . "\", \"" . mysql_escape_string($username) . "\", \"false\")"; |
213 | $inssub2 = mysql_query($inssub); | 213 | $inssub2 = mysql_query($inssub); |
214 | 214 | ||
215 | return new xmlrpcresp(new xmlrpcval(0, "int")); | 215 | return new xmlrpcresp(new xmlrpcval(0, "int")); |