[pLog-svn] r3522 - plog/branches/lifetype-1.0.5/class/action
Jon Daley
plogworld at jon.limedaley.com
Sun Jun 4 00:09:42 GMT 2006
It is the old statistics plugin from 0.3.2. I hacked it a bit to
mostly work with 1.0, but never released it, since it doesn't work
perfectly. It isn't performing proper validation on its inputs either.
On Sat, 3 Jun 2006, Jon Daley wrote:
> I will look into the referrer stuff more.
>
> I have updated various blogs that I run, and they all seem to be working
> fine, and since there is an opportunity to say how great subversion is - I
> have the blog_domain code coded in a 1.0.4 blog, and it is now running 1.0.5,
> with a perfect merge of Oscar's fixes, and my locally modified code.
> Subversion is great!
>
> On Sun, 4 Jun 2006, Oscar Renalias wrote:
>> It's part of the core.
>>
>> Take a look at BlogAction::_updateReferrer, we might need to add more
>> validation there.
>>
>> On 4 Jun 2006, at 02:21, Jon Daley wrote:
>>
>>> I updated a blog to 1.0.5. I see this in the referrer logging:
>>> 152969 Query INSERT INTO plog_statistics (`blog_id`, `article_id`, `time`, `ip`, `refer`, `agent`) VALUES ('1',
>>> '9999/**/UNION/**/SELECT/**/password,1,1,1,1,1,1,1/**/FROM/**/users/**/WHERE/**/id=1/*',
>>> '20060603191915', '', '', 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.3) Gecko/20060426 Firefox/1.5.0.3 WebWasher 3.4')
>>>
>>> I suppose this is okay, since it is quoted, and presumably any quoted
>>> string will be escaped properly, but it would be nicer to have it just
>>> fail, and not enter anything. Is the plog_statistics table a plugin, or
>>> is that part of the core?
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://devel.lifetype.net/mailman/listinfo/plog-svn
>
**************************************
Jon Daley
http://jon.limedaley.com/
When I was a student I remember seeing such things as "pi = 1".
-- Professor Tygar
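The validation Oscar and Jon discuss for BlogAction::_updateReferrer, shown as an added example (this is not LifeType's code, and it is written in Python over sqlite rather than the project's PHP/MySQL): the id parameters are checked against an allowlist pattern before anything is written, so a value like the one in Jon's log makes the request fail instead of being recorded, and the INSERT itself uses bound parameters so its safety no longer depends on quoting being escaped correctly. The table schema below is constructed from the column names visible in the logged query; the column lengths and the function names are assumptions.

```python
import re
import sqlite3
from datetime import datetime, timezone

# Constructed schema mirroring the columns in the logged INSERT; the real
# LifeType table definition is not part of the thread.
SCHEMA = """
CREATE TABLE plog_statistics (
    blog_id    INTEGER NOT NULL,
    article_id INTEGER NOT NULL,
    time       TEXT    NOT NULL,
    ip         TEXT,
    refer      TEXT,
    agent      TEXT
)
"""

# Allowlist for ids: a plain decimal number, nothing else.  SQL fragments,
# comments, signs, whitespace and empty strings all fail this check.
_ID_RE = re.compile(r"^[0-9]{1,10}$")

# Assumed column widths; anything longer is truncated rather than stored raw.
_MAX_TEXT = 255


def parse_id(raw):
    """Return the integer id, or None when the value is not a plain decimal id."""
    if not isinstance(raw, str) or not _ID_RE.match(raw):
        return None
    return int(raw)


def open_db():
    """Create the in-memory statistics table used by this example."""
    conn = sqlite3.connect(":memory:")
    conn.execute(SCHEMA)
    return conn


def record_visit(conn, blog_id, article_id, ip, refer, agent, when=None):
    """Validate the ids first, then insert with bound parameters.

    Returns True when a row was written and False when the request was
    rejected; a rejected request touches the database not at all.
    """
    bid = parse_id(blog_id)
    aid = parse_id(article_id)
    if bid is None or aid is None:
        return False
    when = when or datetime.now(timezone.utc)
    conn.execute(
        "INSERT INTO plog_statistics (blog_id, article_id, time, ip, refer, agent) "
        "VALUES (?, ?, ?, ?, ?, ?)",
        (
            bid,
            aid,
            when.strftime("%Y%m%d%H%M%S"),   # same YYYYMMDDHHMMSS form as the log
            ip[:_MAX_TEXT],
            refer[:_MAX_TEXT],
            agent[:_MAX_TEXT],
        ),
    )
    conn.commit()
    return True


def row_count(conn):
    """Number of statistics rows currently stored."""
    return conn.execute("SELECT COUNT(*) FROM plog_statistics").fetchone()[0]


# The article_id value from Jon's log, used here only as the input to reject.
LOGGED_ARTICLE_ID = (
    "9999/**/UNION/**/SELECT/**/password,1,1,1,1,1,1,1"
    "/**/FROM/**/users/**/WHERE/**/id=1/*"
)

if __name__ == "__main__":
    db = open_db()
    print("logged value accepted:", record_visit(db, "1", LOGGED_ARTICLE_ID, "", "", "Mozilla/5.0"))
    print("plain id accepted:    ", record_visit(db, "1", "12", "127.0.0.1", "", "Mozilla/5.0"))
    print("rows stored:          ", row_count(db))
```

With the allowlist in front of the query, the rejected request is also a clean signal for monitoring: a statistics handler that returns False for an id parameter is seeing input no legitimate link would produce, which is exactly the kind of event worth counting separately from ordinary referrer traffic.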