makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-08 20:38:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

Fixed: unescaped SQL strings make Bertie cry

Browse source 
git-svn-id: file:///svn/phpbb/trunk@6176 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Ludovic Arnaud 2006-07-12 23:41:34 +00:00
parent 5bf6bc1880
commit 4cd73bf7e5
1 changed files with 8 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
phpBB/includes/search/fulltext_native_improved.php
View file

@ -27,6 +27,7 @@ include_once($phpbb_root_path . 'includes/search/search.' . $phpEx);
*/ */
class fulltext_native_improved extends search_backend class fulltext_native_improved extends search_backend
{ {
var $stats;
var $word_length = array(); var $word_length = array();
var $common_words = array(); var $common_words = array();
var $must_contain_ids = array(); var $must_contain_ids = array();
@ -1006,16 +1007,18 @@ class fulltext_native_improved extends search_backend
switch (SQL_LAYER) switch (SQL_LAYER)
{ {
case 'mysql': case 'mysql':
$sql = 'INSERT INTO ' . SEARCH_WORDLIST_TABLE . ' (word_text) case 'mysql4':
VALUES ' . implode(', ', preg_replace('#^(.*)$#', '(\'$1\')', $new_words)); case 'mysqli':
$sql = 'INSERT INTO ' . SEARCH_WORDLIST_TABLE . " (word_text)
VALUES ('" . implode("'),('", array_map(array($db, 'sql_escape'), $new_words)) . "')";
$db->sql_query($sql); $db->sql_query($sql);
break; break;
case 'mysql4':
case 'mysqli':
case 'mssql': case 'mssql':
case 'mssql_odbc': case 'mssql_odbc':
case 'sqlite': case 'sqlite':
$new_words = array_map(array($db, 'sql_escape'), $new_words);
// make sure the longest word comes first, so nothing will be truncated // make sure the longest word comes first, so nothing will be truncated
usort($new_words, array(&$this, 'strlencmp')); usort($new_words, array(&$this, 'strlencmp'));
@ -1027,7 +1030,7 @@ class fulltext_native_improved extends search_backend
foreach ($new_words as $word) foreach ($new_words as $word)
{ {
$sql = 'INSERT INTO ' . SEARCH_WORDLIST_TABLE . " (word_text) $sql = 'INSERT INTO ' . SEARCH_WORDLIST_TABLE . " (word_text)
VALUES ('$word')"; VALUES ('" . $db->sql_escape($word) . "')";
$db->sql_query($sql); $db->sql_query($sql);
} }
} }