Changeset 988


Timestamp:
12/25/05 23:34:44 (14 years ago)
Author:
plg
Message:

bug 246 fixed: GET parameter "search" is not completely checked before
usage in SQL queries. Simple check: if a ";" is found, execution stops.

File:
1 edited

  • branches/branch-1_5/include/functions_category.inc.php

    r867 r988  
    382382      if ( $page['cat'] == 'search' ) 
    383383      { 
     384        // SQL injection hacking attempt? 
     385        if (strpos($_GET['search'], ';') !== false) 
     386        { 
     387          die('Hacking attempt on "search" GET parameter'); 
     388        } 
     389         
    384390        // analyze search string given in URL (created in search.php) 
    385391        $tokens = explode('|', $_GET['search']); 
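Review bot: the single-character blacklist added at lines 384-388 does not close the injection the message describes, because `$_GET['search']` still reaches the SQL query unescaped after the `;` check, and an attacker-controlled value needs no semicolon to alter a query (a quote character, a comment sequence or a boolean expression inside one statement is enough). Since the next line already splits the value into `$tokens = explode('|', $_GET['search'])`, the robust fix is to validate each element of `$tokens` against the exact format that search.php generates (an allow-list pattern per token type), or at minimum to escape every token with the database escaping function before it is interpolated, and to reject the request when a token does not match. Two smaller points in the same hunk: `$_GET['search']` is read without an `isset()` guard, so a request without the parameter triggers a PHP notice before the check runs, and `die('Hacking attempt ...')` aborts in the middle of page output rather than returning a proper error response.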