author | Star Rauchenberger <fefferburbia@gmail.com> | 2024-01-08 20:31:32 +0000 |
---|---|---|
committer | Star Rauchenberger <fefferburbia@gmail.com> | 2024-01-08 20:31:32 +0000 |
commit | 5b892eafafb1f41bab1a20f1524cef144042e3e1 (patch) | |
tree | 69d3c6eb5439d02a44fefa3af3dac6e13901a7d0 | |
parent | e0eb4e7dd88789432b50260276bfd06242a8ebf6 (diff) | |
download | pillowcase-5b892eafafb1f41bab1a20f1524cef144042e3e1.tar.gz pillowcase-5b892eafafb1f41bab1a20f1524cef144042e3e1.tar.bz2 pillowcase-5b892eafafb1f41bab1a20f1524cef144042e3e1.zip |
sql injection prevention
-rwxr-xr-x | comic.php | 2 | ||||
-rwxr-xr-x | includes/db.php | 5 | ||||
-rwxr-xr-x | includes/fix_mysql.inc.php | 257 | ||||
-rwxr-xr-x | pages/comic.php | 2 |
4 files changed, 262 insertions, 4 deletions
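--- a/comic.php
+++ b/comic.php
@@ -8,7 +8,7 @@ if (!isset($_GET['id']))
 exit;
 }
 
-$getcomic = "SELECT * FROM comics WHERE filename = \"" . $_GET['id'] . ".png\"";
+$getcomic = "SELECT * FROM comics WHERE filename = \"" . mysqli_real_escape_string($mysql_conn, $_GET['id']) . ".png\"";
 $getcomic2 = mysql_query($getcomic);
 $getcomic3 = mysql_fetch_array($getcomic2);
 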
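Review bot: The escape on the new line 11 is only safe because the value lands inside a double-quoted SQL literal and because the connection charset matches the one `mysqli_real_escape_string` escapes for; includes/db.php in this same commit never sets a charset, so the escaping follows whatever the server defaults to. A prepared statement removes both dependencies and keeps the `.png` suffix out of the escaped value, at the cost of bypassing the mysql_* shim for this one query (`mysqli_stmt_get_result` needs the mysqlnd driver). `$mysql_conn` is assigned in includes/db.php, so this line presumes that file was included at top level before line 8; that include is outside the hunk. Line 13 still passes the raw result of `mysql_query` to `mysql_fetch_array`, so a failed query hands `false` to `mysqli_fetch_array`, which PHP 8 rejects with a TypeError rather than a readable error.
```php
$stmt = mysqli_prepare($mysql_conn, 'SELECT * FROM comics WHERE filename = ?');
$filename = $_GET['id'] . '.png';
mysqli_stmt_bind_param($stmt, 's', $filename);
mysqli_stmt_execute($stmt);
$getcomic3 = mysqli_fetch_array(mysqli_stmt_get_result($stmt));
// … unchanged: use of $getcomic3 below …
```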
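--- a/includes/db.php
+++ b/includes/db.php
@@ -1,8 +1,9 @@
 <?php
 
-include($_SERVER['DOCUMENT_ROOT'] . '/../security/pillowcase.php');
+include_once('fix_mysql.inc.php');
+include('/srv/www/security/pillowcase.php');
 
-mysql_connect($dbhost, $dbuser, $dbpasswd);
+$mysql_conn = mysql_connect($dbhost, $dbuser, $dbpasswd);
 mysql_select_db($dbname);
 
 ?>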
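Review bot: The new `$mysql_conn = mysql_connect(...)` on line 6 is never checked, and the shim's `mysql_connect` returns whatever `mysqli_connect` returns, so a failed connection leaves `$mysql_conn` unusable for the `mysqli_real_escape_string` call that comic.php gains in this commit; a guard such as `if ($mysql_conn === false) { exit('database unavailable'); }` fails early with a clear message. The escaping added elsewhere in this commit also depends on the connection charset and nothing here sets one; `mysql_set_charset('utf8mb4', $mysql_conn);` after `mysql_select_db` (the shim defines it, mapping to `mysqli_set_charset`) makes the escaping match the charset the server decodes, substituting the charset your tables actually use. The bare `include_once('fix_mysql.inc.php')` on line 3 is resolved through include_path and the calling script's directory; `include_once __DIR__ . '/fix_mysql.inc.php';` pins it to this file's own directory. The hard-coded `/srv/www/security/pillowcase.php` on line 4 replaces the DOCUMENT_ROOT-relative path; if that is deliberate for this deployment, a one-line comment saying so would stop the next reader from reverting it.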
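--- /dev/null
+++ b/includes/fix_mysql.inc.php
@@ -0,0 +1,257 @@
+<?php
+/**
+* replacement for all mysql functions
+*
+* @version 3
+* @git https://github.com/rubo77/php-mysql-fix
+*
+* Be aware, that this is just a workaround to fix-up some old code and the resulting project
+* will be more vulnerable than if you use the recommended newer mysqli-functions instead.
+* So only If you are sure that this is not setting your server at risk, you can fix your old
+* code by adding this line at the beginning of your old code:
+
+<?php
+include_once('fix_mysql.inc.php');
+*
+* see: https://stackoverflow.com/a/37877644/1069083
+*/
+
+if (!function_exists("mysql_connect")){
+/* warning: fatal error "cannot redeclare" if a function was disabled in php.ini with disable_functions:
+disable_functions =mysql_connect,mysql_pconnect,mysql_select_db,mysql_ping,mysql_query,mysql_fetch_assoc,mysql_num_rows,mysql_fetch_array,mysql_error,mysql_insert_id,mysql_close,mysql_real_escape_string,mysql_data_seek,mysql_result
+*/
+
+define("MYSQL_ASSOC", MYSQLI_ASSOC);
+define("MYSQL_NUM", MYSQLI_NUM);
+define("MYSQL_BOTH", MYSQLI_BOTH);
+
+function mysql_fetch_array($result, $result_type = MYSQL_BOTH){
+$row = mysqli_fetch_array($result, $result_type);
+return is_null($row) ? false : $row;
+}
+
+function mysql_fetch_assoc($result){
+$row = mysqli_fetch_assoc($result);
+return is_null($row) ? false : $row;
+}
+
+function mysql_fetch_row($result) {
+$row = mysqli_fetch_row($result);
+return is_null($row) ? false : $row;
+}
+
+function mysql_fetch_object($result) {
+$row = mysqli_fetch_object($result);
+return is_null($row) ? false : $row;
+}
+
+function mysql_connect($host, $username, $password, $new_link = FALSE, $client_flags = 0){
+global $global_link_identifier;
+$global_link_identifier = mysqli_connect($host, $username, $password);
+return $global_link_identifier;
+}
+
+function mysql_pconnect($host, $username, $password, $client_flags = 0){
+global $global_link_identifier;
+$global_link_identifier = mysqli_connect("p:".$host, $username, $password);
+return $global_link_identifier;
+}
+
+function mysql_select_db($dbname, $link_identifier = null){
+global $global_link_identifier;
+if($link_identifier == null) {
+$link_identifier = $global_link_identifier;
+}
+return mysqli_select_db($link_identifier, $dbname);
+}
+
+function mysql_ping($link_identifier = null){
+global $global_link_identifier;
+if($link_identifier == null) {
+$link_identifier = $global_link_identifier;
+}
+return mysqli_ping($link_identifier);
+}
+
+function mysql_query($stmt, $link_identifier = null){
+global $global_link_identifier;
+if($link_identifier == null) {
+$link_identifier = $global_link_identifier;
+}
+return mysqli_query($link_identifier, $stmt);
+}
+
+function mysql_db_query ($database, $query, $link_identifier = NULL){
+global $global_link_identifier;
+if($link_identifier == null) {
+$link_identifier = $global_link_identifier;
+}
+mysqli_select_db($link_identifier, $database);
+return mysqli_query($link_identifier, $query);
+}
+
+function mysql_num_rows($result){
+return mysqli_num_rows($result);
+}
+
+function mysql_affected_rows($link_identifier = NULL){
+// TODO: check, if working when called without argument: mysql_affected_rows()
+global $global_link_identifier;
+if($link_identifier == null) {
+$link_identifier = $global_link_identifier;
+}
+return mysqli_affected_rows($link_identifier);
+}
+
+function mysql_list_tables($dbname, $link_identifier = null){
+global $global_link_identifier;
+if($link_identifier == null) {
+$link_identifier = $global_link_identifier;
+}
+$sql = "SHOW TABLES FROM $dbname";
+$result = mysql_query($sql, $link_identifier);
+return $result;
+}
+
+function mysql_error($link_identifier = null){
+global $global_link_identifier;
+if($link_identifier == null) {
+$link_identifier = $global_link_identifier;
+}
+return mysqli_error($link_identifier);
+}
+
+function mysql_errno($link_identifier = null){
+global $global_link_identifier;
+if($link_identifier == null) {
+$link_identifier = $global_link_identifier;
+}
+return mysqli_errno($link_identifier);
+}
+
+function mysql_insert_id($link_identifier = NULL){
+global $global_link_identifier;
+if($link_identifier == null) {
+$link_identifier = $global_link_identifier;
+}
+return mysqli_insert_id($link_identifier);
+}
+
+function mysql_close($link_identifier = NULL){
+return true;
+}
+
+function mysql_real_escape_string($unescaped_string, $link_identifier = null){
+global $global_link_identifier;
+if($link_identifier == null) {
+$link_identifier = $global_link_identifier;
+}
+return mysqli_real_escape_string($link_identifier, $unescaped_string);
+}
+
+function mysql_data_seek($result, $row_number){
+return mysqli_data_seek($result, $row_number);
+}
+
+function mysql_result($result, $row=0, $col=0){
+$numrows = mysqli_num_rows($result);
+if($numrows && $row <= ($numrows-1) && $row >= 0){
+mysqli_data_seek($result, $row);
+$resultrow = (is_numeric($col)) ? mysqli_fetch_row($result) : mysqli_fetch_assoc($result);
+if (isset($resultrow[$col])){
+return $resultrow[$col];
+}
+}
+return false;
+}
+
+function mysql_escape_string($s, $link_identifier = null){
+global $global_link_identifier;
+if($link_identifier == null) {
+$link_identifier = $global_link_identifier;
+}
+return mysqli_real_escape_string($link_identifier, $s);
+}
+
+function mysql_fetch_field($result, $i = null) {
+if ($i === null) {
+return mysqli_fetch_field($result);
+}
+return mysqli_fetch_field_direct($result, $i);
+}
+
+function mysql_field_name($result, $i) {
+return mysqli_fetch_field_direct($result, $i)->name;
+}
+
+function mysql_field_type($result, $i){
+return mysqli_fetch_field_direct($result, $i)->type;
+}
+
+function mysql_field_len($result, $i){
+return mysqli_fetch_field_direct($result, $i)->length;
+}
+
+function mysql_num_fields($result){
+return mysqli_num_fields($result);
+}
+
+function mysql_free_result($result) {
+return mysqli_free_result($result);
+}
+
+function mysql_get_server_info($link_identifier = null){
+global $global_link_identifier;
+if($link_identifier == null) {
+$link_identifier = $global_link_identifier;
+}
+return mysqli_get_server_info($link_identifier);
+}
+
+function mysql_set_charset($csname, $link_identifier = null){
+global $global_link_identifier;
+if($link_identifier == null) {
+$link_identifier = $global_link_identifier;
+}
+return mysqli_set_charset($link_identifier, $csname);
+}
+
+// aliases
+function mysql(...$args){ return mysql_db_query(...$args); }
+function mysql_createdb(...$args){ return mysql_create_db(...$args); }
+function mysql_db_name(...$args){ return mysql_result(...$args); }
+function mysql_dbname(...$args){ return mysql_result(...$args); }
+function mysql_dropdb(...$args){ return mysql_drop_db(...$args); }
+function mysql_fieldflags(...$args){ return mysql_field_flags(...$args); }
+function mysql_fieldlen(...$args){ return mysql_field_len(...$args); }
+function mysql_fieldname(...$args){ return mysql_field_name(...$args); }
+function mysql_fieldtable(...$args){ return mysql_field_table(...$args); }
+function mysql_fieldtype(...$args){ return mysql_field_type(...$args); }
+function mysql_freeresult(...$args){ return mysql_free_result(...$args); }
+function mysql_listdbs(...$args){ return mysql_list_dbs(...$args); }
+function mysql_listfields(...$args){ return mysql_list_fields(...$args); }
+function mysql_listtables(...$args){ return mysql_list_tables(...$args); }
+function mysql_numfields(...$args){ return mysql_num_fields(...$args); }
+function mysql_numrows(...$args){ return mysql_num_rows(...$args); }
+function mysql_selectdb(...$args){ return mysql_select_db(...$args); }
+
+// TODO: those functions are not defined yet:
+function mysql_client_encoding(){ trigger_error("mysql_client_encoding is not defined yet", E_USER_ERROR); }
+function mysql_create_db(){ trigger_error("mysql_create_db is not defined yet", E_USER_ERROR); }
+function mysql_drop_db(){ trigger_error("mysql_drop_db is not defined yet", E_USER_ERROR); }
+function mysql_fetch_lengths(){ trigger_error("mysql_fetch_lengths is not defined yet", E_USER_ERROR); }
+function mysql_field_flags(){ trigger_error("mysql_field_flags is not defined yet", E_USER_ERROR); }
+function mysql_field_seek(){ trigger_error("mysql_field_seek is not defined yet", E_USER_ERROR); }
+function mysql_field_table(){ trigger_error("mysql_field_table is not defined yet", E_USER_ERROR); }
+function mysql_get_client_info(){ trigger_error("mysql_get_client_info is not defined yet", E_USER_ERROR); }
+function mysql_get_host_info(){ trigger_error("mysql_get_host_info is not defined yet", E_USER_ERROR); }
+function mysql_get_proto_info(){ trigger_error("mysql_get_proto_info is not defined yet", E_USER_ERROR); }
+function mysql_info(){ trigger_error("mysql_info is not defined yet", E_USER_ERROR); }
+function mysql_list_dbs(){ trigger_error("mysql_list_dbs is not defined yet", E_USER_ERROR); }
+function mysql_list_fields(){ trigger_error("mysql_list_fields is not defined yet", E_USER_ERROR); }
+function mysql_list_processes(){ trigger_error("mysql_list_processes is not defined yet", E_USER_ERROR); }
+function mysql_tablename(){ trigger_error("mysql_tablename is not defined yet", E_USER_ERROR); }
+function mysql_stat(){ trigger_error("mysql_stat is not defined yet", E_USER_ERROR); }
+function mysql_thread_id(){ trigger_error("mysql_thread_id is not defined yet", E_USER_ERROR); }
+function mysql_unbuffered_query(){ trigger_error("mysql_unbuffered_query is not defined yet", E_USER_ERROR); }
+}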
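--- a/pages/comic.php
+++ b/pages/comic.php
@@ -1,6 +1,6 @@
 <?php
 
-if (isset($_GET['id']))
+if (isset($_GET['id']) && is_numeric($_GET['id']))
 {
 $getcomic = "SELECT * FROM comics WHERE comic_id = " . $_GET['id'] . " AND status = \"publish\"";
 } else {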
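Review bot: `is_numeric($_GET['id'])` on the new line 3 still lets the raw string into the query on line 5, so values such as `1e3`, ` 7` or `0.5` pass the check and reach MySQL unchanged; none of them can escape the numeric position, but the guard is looser than an integer id column and leaves the SQL depending on which strings `is_numeric` happens to accept. Validating to an integer and interpolating only the validated value is tighter and self-documenting: `$id = filter_var($_GET['id'], FILTER_VALIDATE_INT);` followed by `if ($id !== false) { $getcomic = "SELECT * FROM comics WHERE comic_id = " . $id . " AND status = \"publish\""; }`. The else branch on line 6 continues outside the hunk, so the fallback query is not visible here.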