Vulnerability + potential Zend fixes

git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@4850 89ea8834-ac86-4346-8a33-228a782c2dd0
Paul S. Owen 2004-03-01 15:56:52 +00:00
parent e010274192
commit 18c9aa79ad
7 changed files with 20 additions and 3 deletions


@ -124,6 +124,7 @@ function auth($type, $forum_id, $userdata, $f_access = '')
{ {
message_die(GENERAL_ERROR, 'Failed obtaining forum access control lists', '', __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, 'Failed obtaining forum access control lists', '', __LINE__, __FILE__, $sql);
} }
$db->sql_freeresult($result);
$sql_fetchrow = ( $forum_id != AUTH_LIST_ALL ) ? 'sql_fetchrow' : 'sql_fetchrowset'; $sql_fetchrow = ( $forum_id != AUTH_LIST_ALL ) ? 'sql_fetchrow' : 'sql_fetchrowset';
@ -156,6 +157,7 @@ function auth($type, $forum_id, $userdata, $f_access = '')
{ {
message_die(GENERAL_ERROR, 'Failed obtaining forum access control lists', '', __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, 'Failed obtaining forum access control lists', '', __LINE__, __FILE__, $sql);
} }
$db->sql_freeresult($result);
if ( $row = $db->sql_fetchrow($result) ) if ( $row = $db->sql_fetchrow($result) )
{ {
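Review bot: In the second hunk the added `$db->sql_freeresult($result);` sits directly above `if ( $row = $db->sql_fetchrow($result) )`, so the result set is released before its row is read; on drivers where freeing invalidates the handle, that fetch would return nothing. The first hunk has the same order, with the free placed ahead of the `$sql_fetchrow` selection whose fetch presumably follows outside the hunk. Because auth() decides forum access, the free should move to after the last fetch on `$result`, covering any early-return path as well. The frees added after the query-failure checks in the 'Could not obtain user/online information' hunk and the 'Could not obtain vote data for this topic' hunk show no fetch before them either and should be checked the same way. auth()'s body continues outside both hunks.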


@ -106,6 +106,7 @@ if (defined('SHOW_ONLINE'))
{ {
message_die(GENERAL_ERROR, 'Could not obtain user/online information', '', __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, 'Could not obtain user/online information', '', __LINE__, __FILE__, $sql);
} }
$db->sql_freeresult($result);
$userlist_ary = array(); $userlist_ary = array();
$userlist_visible = array(); $userlist_visible = array();


@ -51,6 +51,7 @@ function topic_review($topic_id, $is_inline_review)
{ {
message_die(GENERAL_MESSAGE, 'Topic_post_not_exist'); message_die(GENERAL_MESSAGE, 'Topic_post_not_exist');
} }
$db->sql_freeresult($result);
$forum_id = $forum_row['forum_id']; $forum_id = $forum_row['forum_id'];
$topic_title = $forum_row['topic_title']; $topic_title = $forum_row['topic_title'];
@ -207,6 +208,7 @@ function topic_review($topic_id, $is_inline_review)
{ {
message_die(GENERAL_MESSAGE, 'Topic_post_not_exist', '', __LINE__, __FILE__, $sql); message_die(GENERAL_MESSAGE, 'Topic_post_not_exist', '', __LINE__, __FILE__, $sql);
} }
$db->sql_freeresult($result);
$template->assign_vars(array( $template->assign_vars(array(
'L_AUTHOR' => $lang['Author'], 'L_AUTHOR' => $lang['Author'],


@ -119,6 +119,7 @@ if( !($result = $db->sql_query($sql)) )
} }
while( $category_rows[] = $db->sql_fetchrow($result) ); while( $category_rows[] = $db->sql_fetchrow($result) );
$db->sql_freeresult($result);
if( ( $total_categories = count($category_rows) ) ) if( ( $total_categories = count($category_rows) ) )
{ {
@ -170,6 +171,7 @@ if( ( $total_categories = count($category_rows) ) )
{ {
$forum_data[] = $row; $forum_data[] = $row;
} }
$db->sql_freeresult($result);
if ( !($total_forums = count($forum_data)) ) if ( !($total_forums = count($forum_data)) )
{ {
@ -197,6 +199,7 @@ if( ( $total_categories = count($category_rows) ) )
{ {
$new_topic_data[$topic_data['forum_id']][$topic_data['topic_id']] = $topic_data['post_time']; $new_topic_data[$topic_data['forum_id']][$topic_data['topic_id']] = $topic_data['post_time'];
} }
$db->sql_freeresult($result);
} }
// //
@ -222,6 +225,7 @@ if( ( $total_categories = count($category_rows) ) )
{ {
$forum_moderators[$row['forum_id']][] = '<a href="' . append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=" . $row['user_id']) . '">' . $row['username'] . '</a>'; $forum_moderators[$row['forum_id']][] = '<a href="' . append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=" . $row['user_id']) . '">' . $row['username'] . '</a>';
} }
$db->sql_freeresult($result);
$sql = "SELECT aa.forum_id, g.group_id, g.group_name $sql = "SELECT aa.forum_id, g.group_id, g.group_name
FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g
@ -241,6 +245,7 @@ if( ( $total_categories = count($category_rows) ) )
{ {
$forum_moderators[$row['forum_id']][] = '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=" . $row['group_id']) . '">' . $row['group_name'] . '</a>'; $forum_moderators[$row['forum_id']][] = '<a href="' . append_sid("groupcp.$phpEx?" . POST_GROUPS_URL . "=" . $row['group_id']) . '">' . $row['group_name'] . '</a>';
} }
$db->sql_freeresult($result);
// //
// Find which forums are visible for this user // Find which forums are visible for this user


@ -269,6 +269,7 @@ if ( $row = $db->sql_fetchrow($result) )
$i++; $i++;
} }
while ( $row = $db->sql_fetchrow($result) ); while ( $row = $db->sql_fetchrow($result) );
$db->sql_freeresult($result);
} }
if ( $mode != 'topten' || $board_config['topics_per_page'] < 10 ) if ( $mode != 'topten' || $board_config['topics_per_page'] < 10 )
@ -288,6 +289,7 @@ if ( $mode != 'topten' || $board_config['topics_per_page'] < 10 )
$pagination = generate_pagination("memberlist.$phpEx?mode=$mode&amp;order=$sort_order", $total_members, $board_config['topics_per_page'], $start). '&nbsp;'; $pagination = generate_pagination("memberlist.$phpEx?mode=$mode&amp;order=$sort_order", $total_members, $board_config['topics_per_page'], $start). '&nbsp;';
} }
$db->sql_freeresult($result);
} }
else else
{ {
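Review bot: The `$db->sql_freeresult($result);` added in the first hunk appears to sit inside the `if ( $row = $db->sql_fetchrow($result) )` block named in the hunk header, so a query that returns no rows would never have its result freed. If that reading of the braces is right, moving the call to just after the closing `}` of that `if` releases the result on both paths. The block opens outside the hunk, so the nesting should be confirmed against the full file.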


@ -221,6 +221,7 @@ switch ( $mode )
if ( $result = $db->sql_query($sql) ) if ( $result = $db->sql_query($sql) )
{ {
$post_info = $db->sql_fetchrow($result); $post_info = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$forum_id = $post_info['forum_id']; $forum_id = $post_info['forum_id'];
$forum_name = $post_info['forum_name']; $forum_name = $post_info['forum_name'];
@ -259,6 +260,7 @@ if ( $result = $db->sql_query($sql) )
{ {
message_die(GENERAL_ERROR, 'Could not obtain vote data for this topic', '', __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, 'Could not obtain vote data for this topic', '', __LINE__, __FILE__, $sql);
} }
$db->sql_freeresult($result);
$poll_options = array(); $poll_options = array();
$poll_results_sum = 0; $poll_results_sum = 0;
@ -397,6 +399,7 @@ else
} }
$notify_user = ( $db->sql_fetchrow($result) ) ? TRUE : $userdata['user_notify']; $notify_user = ( $db->sql_fetchrow($result) ) ? TRUE : $userdata['user_notify'];
$db->sql_freeresult($result);
} }
else else
{ {
@ -471,12 +474,12 @@ else if ( $mode == 'vote' )
FROM " . VOTE_USERS_TABLE . " FROM " . VOTE_USERS_TABLE . "
WHERE vote_id = $vote_id WHERE vote_id = $vote_id
AND vote_user_id = " . $userdata['user_id']; AND vote_user_id = " . $userdata['user_id'];
if ( !($result = $db->sql_query($sql)) ) if ( !($result2 = $db->sql_query($sql)) )
{ {
message_die(GENERAL_ERROR, 'Could not obtain user vote data for this topic', '', __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, 'Could not obtain user vote data for this topic', '', __LINE__, __FILE__, $sql);
} }
if ( !($row = $db->sql_fetchrow($result)) ) if ( !($row = $db->sql_fetchrow($result2)) )
{ {
$sql = "UPDATE " . VOTE_RESULTS_TABLE . " $sql = "UPDATE " . VOTE_RESULTS_TABLE . "
SET vote_result = vote_result + 1 SET vote_result = vote_result + 1
@ -500,11 +503,13 @@ else if ( $mode == 'vote' )
{ {
$message = $lang['Already_voted']; $message = $lang['Already_voted'];
} }
$db->sql_freeresult($result2);
} }
else else
{ {
$message = $lang['No_vote_option']; $message = $lang['No_vote_option'];
} }
$db->sql_freeresult($result);
$template->assign_vars(array( $template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">') 'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">')


@ -357,7 +357,7 @@ $select_post_days .= '</select>';
// //
if ( !empty($HTTP_POST_VARS['postorder']) || !empty($HTTP_GET_VARS['postorder']) ) if ( !empty($HTTP_POST_VARS['postorder']) || !empty($HTTP_GET_VARS['postorder']) )
{ {
$post_order = (!empty($HTTP_POST_VARS['postorder'])) ? $HTTP_POST_VARS['postorder'] : $HTTP_GET_VARS['postorder']; $post_order = (!empty($HTTP_POST_VARS['postorder'])) ? htmlspecialchars($HTTP_POST_VARS['postorder']) : htmlspecialchars($HTTP_GET_VARS['postorder']);
$post_time_order = ($post_order == "asc") ? "ASC" : "DESC"; $post_time_order = ($post_order == "asc") ? "ASC" : "DESC";
} }
else else
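Review bot: `postorder` has only two meaningful values, so the new line would be safer normalising to them than escaping arbitrary request input with `htmlspecialchars()`, which on the PHP versions of this era leaves single quotes untouched unless `ENT_QUOTES` is passed. After the comparison on the following line the variable could be reset with `$post_order = ( $post_time_order == 'ASC' ) ? 'asc' : 'desc';`, so that whatever later writes `$post_order` into links or form fields only ever sees a known token. Where `$post_order` is output lies outside this hunk, so the exact context it lands in is not visible here; the `else` branch is cut off as well.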