From 2c1d80c75a3f41517090004e59f1e04a21437cc8 Mon Sep 17 00:00:00 2001 From: Meik Sievertsen Date: Thu, 2 Oct 2008 12:04:12 +0000 Subject: [PATCH] Remove NUL-Bytes directly in request_var() for strings and within the custom DBAL sql_escape() functions (MSSQL, Firebird, Oracle) (reported by AdhostMikeSw) git-svn-id: file:///svn/phpbb/branches/phpBB-3_0_0@8967 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/docs/CHANGELOG.html | 1 + phpBB/includes/db/firebird.php | 2 +- phpBB/includes/db/mssql.php | 2 +- phpBB/includes/db/mssql_odbc.php | 2 +- phpBB/includes/db/oracle.php | 2 +- phpBB/includes/functions.php | 2 +- 6 files changed, 6 insertions(+), 5 deletions(-) diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html index 47e158174c..3672d1d622 100644 --- a/phpBB/docs/CHANGELOG.html +++ b/phpBB/docs/CHANGELOG.html @@ -147,6 +147,7 @@
  • [Change] MCP topic view checkboxes now default to unchecked.
  • [Change] Adjust language key SPLIT_AFTER to make the action clearer.
  • [Change] Add links to the post and forum when viewing a report from the MCP. (Bugs #33795, #33805)
    • +
  • [Change] Remove NUL-Bytes directly in request_var() for strings and within the custom DBAL sql_escape() functions (MSSQL, Firebird, Oracle) (reported by AdhostMikeSw)
  • [Feature] Allow limited inheritance for template sets.
  • [Feature] Allow hard disabling of the template editor.
    • diff --git a/phpBB/includes/db/firebird.php b/phpBB/includes/db/firebird.php index 0157238fcd..3b31942a8b 100644 --- a/phpBB/includes/db/firebird.php +++ b/phpBB/includes/db/firebird.php @@ -425,7 +425,7 @@ class dbal_firebird extends dbal */ function sql_escape($msg) { - return str_replace("'", "''", $msg); + return str_replace(array("'", "\0"), array("''", ''), $msg); } /** diff --git a/phpBB/includes/db/mssql.php b/phpBB/includes/db/mssql.php index 4131be2c32..7134574691 100644 --- a/phpBB/includes/db/mssql.php +++ b/phpBB/includes/db/mssql.php @@ -328,7 +328,7 @@ class dbal_mssql extends dbal */ function sql_escape($msg) { - return str_replace("'", "''", $msg); + return str_replace(array("'", "\0"), array("''", ''), $msg); } /** diff --git a/phpBB/includes/db/mssql_odbc.php b/phpBB/includes/db/mssql_odbc.php index a29af45c8f..14c4831010 100644 --- a/phpBB/includes/db/mssql_odbc.php +++ b/phpBB/includes/db/mssql_odbc.php @@ -349,7 +349,7 @@ class dbal_mssql_odbc extends dbal */ function sql_escape($msg) { - return str_replace("'", "''", $msg); + return str_replace(array("'", "\0"), array("''", ''), $msg); } /** diff --git a/phpBB/includes/db/oracle.php b/phpBB/includes/db/oracle.php index 0daddf76cb..8fdb29ce5b 100644 --- a/phpBB/includes/db/oracle.php +++ b/phpBB/includes/db/oracle.php @@ -551,7 +551,7 @@ class dbal_oracle extends dbal */ function sql_escape($msg) { - return str_replace("'", "''", $msg); + return str_replace(array("'", "\0"), array("''", ''), $msg); } /** diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 0c5daa9231..862314aba9 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -32,7 +32,7 @@ function set_var(&$result, $var, $type, $multibyte = false) if ($type == 'string') { - $result = trim(htmlspecialchars(str_replace(array("\r\n", "\r"), array("\n", "\n"), $result), ENT_COMPAT, 'UTF-8')); + $result = trim(htmlspecialchars(str_replace(array("\r\n", "\r", "\0"), array("\n", "\n", ''), $result), ENT_COMPAT, 'UTF-8')); if (!empty($result)) {