[pLog-svn] r3522 - plog/branches/lifetype-1.0.5/class/action
Oscar Renalias
oscar at renalias.net
Sat Jun 3 23:26:05 GMT 2006
It's part of the core.
Take a look at BlogAction::_updateReferrer; we might need to add more
validation there.
On 4 Jun 2006, at 02:21, Jon Daley wrote:
> I updated a blog to 1.0.5. I see this in the referrer logging:
> 152969 Query INSERT INTO plog_statistics (`blog_id`, `article_id`, `time`, `ip`, `refer`, `agent`) VALUES ('1', '9999/**/UNION/**/SELECT/**/password,1,1,1,1,1,1,1/**/FROM/**/users/**/WHERE/**/id=1/*', '20060603191915', '', '', 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3 WebWasher 3.4')
>
> I suppose this is okay, since it is quoted, and presumably any
> quoted string will be escaped properly, but it would be nicer to
> have it just fail, and not enter anything. Is the plog_statistics
> table a plugin, or is that part of the core?
>
> On Sun, 4 Jun 2006, Oscar Renalias wrote:
>
>> I think this should fix them all, at least on the public side of
>> the blog.
>>
>> We should also audit the code in 1.1.
>>
>> On 4 Jun 2006, at 01:28, oscar at devel.lifetype.net wrote:
>>
>>> Author: oscar
>>> Date: 2006-06-03 22:28:33 +0000 (Sat, 03 Jun 2006)
>>> New Revision: 3522
>>> Modified:
>>> plog/branches/lifetype-1.0.5/class/action/commentaction.class.php
>>> plog/branches/lifetype-1.0.5/class/action/defaultaction.class.php
>>> plog/branches/lifetype-1.0.5/class/action/
>>> resourceserveraction.class.php
>>> plog/branches/lifetype-1.0.5/class/action/rssaction.class.php
>>> plog/branches/lifetype-1.0.5/class/action/
>>> viewalbumaction.class.php
>>> plog/branches/lifetype-1.0.5/class/action/
>>> viewarticleaction.class.php
>>> plog/branches/lifetype-1.0.5/class/action/
>>> viewarticletrackbacksaction.class.php
>>> plog/branches/lifetype-1.0.5/class/action/
>>> viewresourceaction.class.php
>>> Log:
>>> added some validation to all action classes, looks like we had
>>> forgotten it
>> _______________________________________________
>> pLog-svn mailing list
>> pLog-svn at devel.lifetype.net
>> http://devel.lifetype.net/mailman/listinfo/plog-svn
>
> **************************************
> Jon Daley
> http://jon.limedaley.com/
>
> Eat drink and be merry, for tomorrow they may make it illegal.
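As an added illustration of the check Oscar suggests for BlogAction::_updateReferrer (example code written for this page, not LifeType's own): in the logged INSERT the UNION/SELECT string sits in the article_id column and is quoted, so that particular statement is not altered, but the same value would reach, unchanged, any query that interpolated an article id unquoted. The Python below uses assumed function names, an in-memory SQLite stand-in for plog_statistics with the columns visible in Jon's log, and a 255-character referrer limit chosen for the example. It refuses non-numeric ids and non-http(s) referrers before the statistics INSERT runs, so a request like the one logged is dropped rather than recorded, and it binds the accepted values as parameters so that they can never change the shape of the statement.

```python
"""
Added example, not LifeType's own code: input checks of the kind the thread
asks for, in front of a parameterised INSERT into a plog_statistics stand-in.
Function names, the 255-character limit and the sample values are assumptions.
"""
import re
import sqlite3
from typing import List, Optional, Tuple
from urllib.parse import urlsplit

MAX_REFERRER_LEN = 255  # assumed; use whatever the refer column actually allows

# Constructed sample: the article_id value from the log excerpt in the thread.
INJECTION_ATTEMPT = (
    "9999/**/UNION/**/SELECT/**/password,1,1,1,1,1,1,1"
    "/**/FROM/**/users/**/WHERE/**/id=1/*"
)


def coerce_id(value: str) -> Optional[int]:
    """Blog and article ids must be plain digits. Anything else yields None so
    the caller refuses the request instead of passing the raw string on to a
    query, quoted or not."""
    if not re.fullmatch(r"[0-9]{1,10}", value):
        return None
    return int(value)


def is_valid_referrer(value: str) -> bool:
    """Accept only an absolute http(s) URL of sane length whose hostname is
    made of letters, digits, dots and hyphens; nothing else is logged."""
    if not value or len(value) > MAX_REFERRER_LEN:
        return False
    if any(ord(ch) < 0x21 or ord(ch) == 0x7F for ch in value):
        return False  # whitespace or control characters never belong in a Referer
    try:
        parts = urlsplit(value)
    except ValueError:
        return False
    if parts.scheme not in ("http", "https"):
        return False
    host = parts.hostname
    return bool(host) and re.fullmatch(r"[a-z0-9.-]+", host) is not None


def open_db() -> sqlite3.Connection:
    """In-memory table with the columns shown in the logged INSERT."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE plog_statistics (blog_id INTEGER, article_id INTEGER,"
        " time TEXT, ip TEXT, refer TEXT, agent TEXT)"
    )
    return conn


def update_referrer(conn: sqlite3.Connection, blog_id: str, article_id: str,
                    time: str, ip: str, refer: str, agent: str) -> bool:
    """Record one hit. Returns False and writes nothing when an id is not
    numeric or a non-empty referrer fails validation (a direct visit with an
    empty Referer is still recorded). Values are bound as parameters, so an
    accepted value is data, never SQL."""
    bid, aid = coerce_id(blog_id), coerce_id(article_id)
    if bid is None or aid is None:
        return False
    if refer != "" and not is_valid_referrer(refer):
        return False
    conn.execute(
        "INSERT INTO plog_statistics (blog_id, article_id, time, ip, refer, agent)"
        " VALUES (?, ?, ?, ?, ?, ?)",
        (bid, aid, time, ip, refer, agent),
    )
    return True


def stored_rows(conn: sqlite3.Connection) -> List[Tuple[int, int, str]]:
    """What actually reached the table, for inspection."""
    return conn.execute(
        "SELECT blog_id, article_id, refer FROM plog_statistics"
    ).fetchall()


if __name__ == "__main__":
    db = open_db()
    # Constructed requests: one ordinary hit, the logged attack, a bad referrer.
    requests = [
        ("1", "9", "http://jon.limedaley.com/"),
        ("1", INJECTION_ATTEMPT, ""),
        ("1", "9", "javascript:alert(1)"),
    ]
    for blog, article, ref in requests:
        ok = update_referrer(db, blog, article, "20060603191915", "", ref, "Mozilla/5.0")
        print(("logged " if ok else "dropped"), repr(article[:24]), repr(ref))
    print(stored_rows(db))
```

Rejecting the request outright, as Jon prefers, also keeps garbage out of the statistics table; escaping alone would only keep it from breaking this one INSERT.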