[pLog-svn] r5572 - plog/branches/lifetype-1.2/class/gallery/dao
oscar at devel.lifetype.net
oscar at devel.lifetype.net
Sat Jun 23 12:01:20 EDT 2007
Author: oscar
Date: 2007-06-23 12:01:20 -0400 (Sat, 23 Jun 2007)
New Revision: 5572
Modified:
plog/branches/lifetype-1.2/class/gallery/dao/galleryresources.class.php
Log:
Fixed issue http://bugs.lifetype.net/view.php?id=1346 -- file names containing the character ' now work. This was also a potential SQL injection vulnerability, btw, as file names were not being escaped when inserted into the database.
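--- a/plog/branches/lifetype-1.2/class/gallery/dao/galleryresources.class.php
+++ b/plog/branches/lifetype-1.2/class/gallery/dao/galleryresources.class.php
@@ -322,7 +322,7 @@
 file_path, file_name, file_size, metadata, thumbnail_format, normalized_description, properties)
 VALUES (
 $ownerId, $albumId, '".Db::qstr($description)."', $flags, $resourceType,
-'$filePath', '$fileName', '$fileSize', '$serMetadata', '$thumbnailFormat',
+'$filePath', '".Db::qstr($fileName)."', '$fileSize', '$serMetadata', '$thumbnailFormat',
 '".Db::qstr($normalizedDescription)."', '$properties');";
 $result = $this->Execute( $query );
@@ -834,7 +834,7 @@
 function isDuplicatedFilename( $fileName )
 {
 $query = "SELECT COUNT(id) AS total FROM ".$this->getPrefix()."gallery_resources
-WHERE file_name = '$fileName'";
+WHERE file_name = '".Db::qstr($fileName)."'";
 $result = $this->Execute( $query );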
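Review bot: The INSERT in the first hunk still interpolates `$filePath`, `$serMetadata`, `$thumbnailFormat` and `$properties` into quoted SQL literals without `Db::qstr()`, while the same statement now escapes `$description`, `$fileName` and `$normalizedDescription`, so the escaping in this one query is inconsistent. Where those values come from is not visible here, but `$serMetadata` is a serialized string and `$filePath` is derived from the same upload as the file name, so either could legitimately contain a quote and break the statement exactly as the unescaped file name did. The changed line would become `'".Db::qstr($filePath)."', '".Db::qstr($fileName)."', '$fileSize', '".Db::qstr($serMetadata)."', '$thumbnailFormat',` with the following line wrapped the same way for `$properties`; numeric columns such as `$fileSize` would be better cast than quoted. The enclosing method of the first hunk starts outside the hunk, and the second hunk (`isDuplicatedFilename`) already applies the same escaping consistently.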