[pLog-svn] r3522 - plog/branches/lifetype-1.0.5/class/action

Oscar Renalias oscar at renalias.net
Sat Jun 3 23:26:05 GMT 2006


It's part of the core.

Take a look at BlogAction::_updateReferrer, we might need to add more  
validation there.

On 4 Jun 2006, at 02:21, Jon Daley wrote:

> I updated a blog to 1.0.5.  I see this in the referrer logging:
>                  152969 Query       INSERT INTO plog_statistics (`blog_id`, `article_id`, `time`, `ip`,  `refer`, `agent`) VALUES ('1', '9999/**/UNION/**/SELECT/**/password,1,1,1,1,1,1,1/**/FROM/**/users/**/WHERE/**/id=1/*', '20060603191915', '', '', 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3 WebWasher 3.4')
>
> I suppose this is okay, since it is quoted, and presumably any  
> quoted string will be escaped properly, but it would be nicer to  
> have it just fail, and not enter anything.  Is the plog_statistics  
> table a plugin, or is that part of the core?
>
> On Sun, 4 Jun 2006, Oscar Renalias wrote:
>
>> I think this should fix them all, at least on the public side of  
>> the blog.
>>
>> We should also audit the code in 1.1.
>>
>> On 4 Jun 2006, at 01:28, oscar at devel.lifetype.net wrote:
>>
>>> Author: oscar
>>> Date: 2006-06-03 22:28:33 +0000 (Sat, 03 Jun 2006)
>>> New Revision: 3522
>>> Modified:
>>>   plog/branches/lifetype-1.0.5/class/action/commentaction.class.php
>>>   plog/branches/lifetype-1.0.5/class/action/defaultaction.class.php
>>>   plog/branches/lifetype-1.0.5/class/action/resourceserveraction.class.php
>>>   plog/branches/lifetype-1.0.5/class/action/rssaction.class.php
>>>   plog/branches/lifetype-1.0.5/class/action/viewalbumaction.class.php
>>>   plog/branches/lifetype-1.0.5/class/action/viewarticleaction.class.php
>>>   plog/branches/lifetype-1.0.5/class/action/viewarticletrackbacksaction.class.php
>>>   plog/branches/lifetype-1.0.5/class/action/viewresourceaction.class.php
>>> Log:
>>> added some validation to all action classes, looks like we had  
>>> forgotten it
>> _______________________________________________
>> pLog-svn mailing list
>> pLog-svn at devel.lifetype.net
>> http://devel.lifetype.net/mailman/listinfo/plog-svn
>
> **************************************
> Jon Daley
> http://jon.limedaley.com/
>
> Eat drink and be merry, for tomorrow they may make it illegal.
>
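An added illustration of the stricter validation discussed in this thread; it is not LifeType's own code and does not reproduce BlogAction::_updateReferrer. It rejects the request outright unless both ids are plain integers and binds every value of the INSERT as a parameter, so an article id like the one in the logged query never reaches the database. It assumes PDO in place of the project's database layer and that the ids arrive as the blogId and articleId request parameters.

```php
<?php
// Added example, not LifeType code: validate the referrer-logging inputs
// before anything is inserted into plog_statistics. Assumes a PDO handle
// and the column names visible in the logged INSERT.
declare(strict_types=1);

/**
 * Accept only a plain positive integer (digits, no sign, whitespace or
 * comment sequences such as the "9999/**/UNION..." seen in the log).
 * Returns null on anything else so the caller can refuse the request.
 */
function validateId(?string $raw): ?int
{
    if ($raw === null || !preg_match('/^[1-9][0-9]{0,9}$/', $raw)) {
        return null;
    }
    return (int) $raw;
}

/** Bound free-text fields to the column width; they are still bound as parameters. */
function cleanText(?string $raw, int $maxLen): string
{
    return substr(trim((string) $raw), 0, $maxLen);
}

/**
 * Record one hit. Returns false without touching the database when either id
 * fails validation, i.e. the "just fail, and not enter anything" behaviour.
 */
function recordReferrer(PDO $db, array $request, string $ip, string $agent): bool
{
    $blogId    = validateId($request['blogId'] ?? null);     // assumed parameter name
    $articleId = validateId($request['articleId'] ?? null);  // assumed parameter name
    if ($blogId === null || $articleId === null) {
        return false;
    }
    // Parameter binding keeps the values out of the SQL text entirely.
    $stmt = $db->prepare(
        'INSERT INTO plog_statistics (blog_id, article_id, time, ip, refer, agent) '
        . 'VALUES (:blog, :article, :time, :ip, :refer, :agent)'
    );
    return $stmt->execute([
        ':blog'    => $blogId,
        ':article' => $articleId,
        ':time'    => date('YmdHis'),
        ':ip'      => $ip,
        ':refer'   => cleanText($request['referrer'] ?? '', 255),
        ':agent'   => cleanText($agent, 255),
    ]);
}
```

Passing the article id from the logged query to validateId returns null, so recordReferrer returns false and no row is written.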