[evolvis-commits] r8306: Audit: escape special characters before inserting into database. ↵
mirabilos at evolvis.org
mirabilos at evolvis.org
Thu Feb 24 16:38:53 CET 2011
Author: mirabilos
Date: 2011-02-24 16:38:53 +0100 (Thu, 24 Feb 2011)
New Revision: 8306
Modified:
trunk/gforge_base/evolvisforge-5.1/gforge/ChangeLog
trunk/gforge_base/evolvisforge-5.1/gforge/common/frs/FRSPackage.class
trunk/gforge_base/evolvisforge-5.1/gforge/common/frs/FRSRelease.class
trunk/gforge_base/evolvisforge-5.1/gforge/www/project/admin/editrelease.php
Log:
Audit: escape special characters before inserting into database.
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/ChangeLog
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/ChangeLog 2011-02-24 15:38:50 UTC (rev 8305)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/ChangeLog 2011-02-24 15:38:53 UTC (rev 8306)
@@ -3,7 +3,14 @@
* www/people/editjob.php: Audit: escape special characters from
user input before submitting to database.
+ * common/frs/FRSPackage.class: ditto.
+ * common/frs/FRSRelease.class: ditto, plus re-fetch data on
+ update.
+
+ * www/project/admin/editrelease.php: ditto, plus fix bogus
+ warning about "file upload attack".
+
2003-01-17 Reinhard Spisser <reinhard at spisser.it>
* www/forum/*: there were still a lot of unlocalized strings.
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/frs/FRSPackage.class
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/frs/FRSPackage.class 2011-02-24 15:38:50 UTC (rev 8305)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/frs/FRSPackage.class 2011-02-24 15:38:53 UTC (rev 8306)
@@ -88,7 +88,7 @@
}
$sql="INSERT INTO frs_package(group_id,name,status_id)
- VALUES ('".$this->Group->getId()."','$name','1')";
+ VALUES ('".$this->Group->getId()."','".htmlspecialchars($name)."','1')";
db_begin();
$result=db_query($sql);
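Review bot: htmlspecialchars() on the added VALUES line is an HTML-context escape, not a SQL one, so the injection this commit sets out to close stays open: with the default flags of the PHP versions of the time (ENT_COMPAT) a single quote in `$name` passes through untouched and still terminates the literal, and the `'1'` status and group id are unaffected either way. The same substitution is made in update() at the hunk for line 272, and in FRSRelease.class for notes, changes and name in both create() and update(). The fix that actually fits the context is to bind the values through the database layer's parameterised query helper if one exists, or failing that the driver's own escaping function (e.g. `pg_escape_string()` for PostgreSQL) immediately before interpolation, and to keep HTML escaping at output time. Storing HTML-encoded text also bakes one presentation context into every reader of the column (feeds, mail, APIs). The enclosing create() begins above this hunk, so any earlier validation of `$name` is not visible here.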
@@ -173,7 +173,7 @@
return false;
}
$sql="SELECT * FROM filemodule_monitor
- WHERE user_id='".user_getid()."'
+ WHERE user_id='".user_getid()."'
AND filemodule_id='".$this->getID()."';";
$result = db_query($sql);
@@ -207,7 +207,7 @@
return false;
}
$sql="DELETE FROM filemodule_monitor
- WHERE user_id='".user_getid()."'
+ WHERE user_id='".user_getid()."'
AND filemodule_id='".$this->getID()."';";
return db_query($sql);
}
@@ -222,7 +222,7 @@
return false;
}
$sql="SELECT * FROM filemodule_monitor
- WHERE user_id='".user_getid()."'
+ WHERE user_id='".user_getid()."'
AND filemodule_id='".$this->getID()."';";
$result = db_query($sql);
@@ -240,8 +240,8 @@
* @return array The array of user_id's.
*/
function &getMonitorIDs() {
- $res=db_query("SELECT user_id
- FROM filemodule_monitor
+ $res=db_query("SELECT user_id
+ FROM filemodule_monitor
WHERE filemodule_id='".$this->getID()."'");
return util_result_column_to_array($res);
}
@@ -272,7 +272,7 @@
}
$res=db_query("UPDATE frs_package SET
- name='$name',
+ name='".htmlspecialchars($name)."',
status_id='$status'
WHERE group_id='".$this->Group->getID()."'
AND package_id='".$this->getID()."'");
@@ -281,6 +281,9 @@
$this->setError('FRSPackage::update() Error On Update: '.db_error());
return false;
}
+
+ $this->fetchData($this->getID());
+
return true;
}
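Review bot: The result of the added `$this->fetchData($this->getID())` is discarded, so if fetchData() reports a failed re-read through its return value (not visible from this hunk), update() still returns true with stale object state. The same pattern is added to FRSRelease::update() in the hunk for line 289. If fetchData() returns a boolean, `return $this->fetchData($this->getID());` would propagate the failure; if it only sets an error, a comment such as `// refresh cached row; errors are left in $this->error` would at least make the intent explicit.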
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/common/frs/FRSRelease.class
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/common/frs/FRSRelease.class 2011-02-24 15:38:50 UTC (rev 8305)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/common/frs/FRSRelease.class 2011-02-24 15:38:53 UTC (rev 8306)
@@ -103,8 +103,8 @@
$sql="INSERT INTO frs_release(package_id,notes,changes,
preformatted,name,release_date,released_by,status_id)
- VALUES ('".$this->FRSPackage->getId()."','$notes','$changes',
- '$preformatted','$name','$release_date','".user_getid()."','1')";
+ VALUES ('".$this->FRSPackage->getId()."','".htmlspecialchars($notes)."','".htmlspecialchars($changes)."',
+ '$preformatted','".htmlspecialchars($name)."','$release_date','".user_getid()."','1')";
db_begin();
$result=db_query($sql);
@@ -272,12 +272,18 @@
return false;
}
+ if ($preformatted) {
+ $preformatted = 1;
+ } else {
+ $preformatted = 0;
+ }
+
$res=db_query("UPDATE frs_release
SET
- name='$name',
+ name='".htmlspecialchars($name)."',
status_id='$status',
- notes='$notes',
- changes='$changes',
+ notes='".htmlspecialchars($notes)."',
+ changes='".htmlspecialchars($changes)."',
preformatted='$preformatted',
release_date='$release_date',
released_by='". user_getid() ."'
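Review bot: The new normalisation of `$preformatted` to 0/1 is applied only here in update(); create() in the hunk for line 103 still interpolates `'$preformatted'` raw into its INSERT, so the two write paths now disagree on how that column is sanitised. `$status` and `$release_date` are likewise still interpolated unescaped in this UPDATE — if they are validated earlier in the function (its start is above the hunk) a comment saying so would help the next auditor; otherwise they need the same treatment as the other values. As a point of style the four-line if/else can be `$preformatted = $preformatted ? 1 : 0;`, and the same line belongs in create() for consistency. update() continues past the end of this hunk.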
@@ -289,6 +295,8 @@
return false;
}
+ $this->fetchData($this->getID());
+
return true;
}
Modified: trunk/gforge_base/evolvisforge-5.1/gforge/www/project/admin/editrelease.php
===================================================================
--- trunk/gforge_base/evolvisforge-5.1/gforge/www/project/admin/editrelease.php 2011-02-24 15:38:50 UTC (rev 8305)
+++ trunk/gforge_base/evolvisforge-5.1/gforge/www/project/admin/editrelease.php 2011-02-24 15:38:53 UTC (rev 8306)
@@ -1,7 +1,7 @@
<?php
/**
* Project Admin: Edit Releases of Packages
- *
+ *
* SourceForge: Breaking Down the Barriers to Open Source Development
* Copyright 1999-2001 (c) VA Linux Systems
* http://sourceforge.net
@@ -10,7 +10,7 @@
*/
-require_once('pre.php');
+require_once('pre.php');
require_once('common/frs/FRSPackage.class');
require_once('common/frs/FRSRelease.class');
require_once('common/frs/FRSFile.class');
@@ -62,11 +62,11 @@
*/
// Edit release info
-if ($step1) {
+if ($step1) {
$exec_changes = true;
// Check for uploaded release notes
- if ($uploaded_notes != "none") {
+ if ($uploaded_notes != "") {
if (!is_uploaded_file($uploaded_notes)) {
exit_error('Error','Attempted File Upload Attack');
}
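Review bot: The test `$uploaded_notes != ""` compares loosely, so a `null` or unset variable also skips the block; whether that is intended depends on where `$uploaded_notes` is assigned, which is above this hunk. If it is copied from `$_FILES[...]['tmp_name']`, an empty string is indeed how PHP reports "no file" and the old `"none"` sentinel was the legacy convention the ChangeLog calls a bogus warning — in that case the more direct check is `$_FILES['<field>']['error'] === UPLOAD_ERR_NO_FILE` (with the real form field name), which also distinguishes "no upload" from a failed one. The identical block for `$uploaded_changes` at the hunk for line 80 has the same question; at minimum use `!== ''` in both places.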
@@ -80,7 +80,7 @@
}
// Check for uplaoded change logs
- if ($uploaded_changes != "none") {
+ if ($uploaded_changes != "") {
if (!is_uploaded_file($uploaded_changes)) {
exit_error('Error','Attempted File Upload Attack');
}
@@ -103,10 +103,10 @@
$feedback .= " Data Saved ";
}
}
-}
+}
// Add file(s) to the release
-if ($step2) {
+if ($step2) {
// Build a Unix time value from the supplied Y-m-d value
$group_unix_name=group_getunixname($group_id);
@@ -130,7 +130,7 @@
}
// Edit/Delete files in a release
-if ($step3) {
+if ($step3) {
// If the user chose to delete the file and he's sure then delete the file
if( $step3 == "Delete File" && $im_sure ) {
$frsf = new FRSFile($frsr,$file_id);
@@ -186,8 +186,8 @@
<tr>
<td><strong>Status:</strong></td>
<td>
- <?php
- echo frs_show_status_popup('status_id',$frsr->getStatus());
+ <?php
+ echo frs_show_status_popup('status_id',$frsr->getStatus());
?>
</td>
</tr>
@@ -209,13 +209,13 @@
<tr>
<td colspan="2">
<strong>Paste The Notes In:</strong><br />
- <textarea name="release_notes" rows="10" cols="60" wrap="soft"><?php echo htmlspecialchars($frsr->getNotes()); ?></textarea>
+ <textarea name="release_notes" rows="10" cols="60" wrap="soft"><?php echo $frsr->getNotes(); ?></textarea>
</td>
</tr>
<tr>
<td colspan="2">
<strong>Paste The Change Log In:</strong><br />
- <textarea name="release_changes" rows="10" cols="60" wrap="soft"><?php echo htmlspecialchars($frsr->getChanges()); ?></textarea>
+ <textarea name="release_changes" rows="10" cols="60" wrap="soft"><?php echo $frsr->getChanges(); ?></textarea>
</td>
</tr>
<tr>
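Review bot: Dropping htmlspecialchars() around `$frsr->getNotes()` and `$frsr->getChanges()` assumes every stored value was HTML-encoded on write, but rows written before this revision, and any other write path that is not changed here, still hold raw text; a stored `</textarea>` followed by markup now breaks out of the control and runs in the browser of every project admin who opens this page (stored XSS). Output escaping is cheap and idempotent only if the data is stored raw, so the safer arrangement is to keep `htmlspecialchars()` on these two echo statements and do SQL-appropriate escaping at write time in the classes instead. If the encoded-at-rest design is kept deliberately, a migration of existing rows and a comment on these lines noting that the columns are pre-encoded are needed, since the surrounding form (which starts and ends outside the hunk) gives no hint of it. This assumes getNotes()/getChanges() return the column value unchanged, which the hunk does not show.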