Changeset 1836 for trunk

Timestamp:

09/01/2010 11:43:44 PM (17 months ago)

Author:

Gongwei.Yu

Message:

[omcollab]fixed sql injection issue

File:

• trunk/w/extensions/DataDrivenLinks/DataDrivenLinks.php (modified) (1 diff)

trunk/w/extensions/DataDrivenLinks/DataDrivenLinks.php

@@ -66 +66 @@
         $page = $this->dbr->tableName( 'page' );
         // Get all possible articles and categories
-        $res = $this->dbr->query("SELECT * FROM $om_categorylinks WHERE cl_to in (SELECT cl_to FROM $om_categorylinks WHERE cl_sortkey = '" . $this->articleOBJ->mTextform . "') AND cl_sortkey <> '" . $this->articleOBJ->mTextform . "' ORDER BY cl_sortkey");
+        $res = $this->dbr->query("SELECT * FROM $om_categorylinks WHERE cl_to in (SELECT cl_to FROM $om_categorylinks WHERE cl_sortkey = '" . mysql_real_escape_string($this->articleOBJ->mTextform) . "') AND cl_sortkey <> '" . mysql_real_escape_string($this->articleOBJ->mTextform) . "' ORDER BY cl_sortkey");
         //echo "SELECT * FROM $om_categorylinks WHERE cl_to in (SELECT cl_to FROM $om_categorylinks WHERE cl_sortkey = '" . $this->articleOBJ->mTextform . "') AND cl_sortkey > '" . $this->articleOBJ->mTextform . "' ORDER BY cl_sortkey";
         while( $row = $this->dbr->fetchObject( $res ) ) { // Filter to extract only articles
-            $temp = str_replace(" ", "_", strtolower($row->cl_sortkey)); // temp string to make the string to page_title style
+            $temp = mysql_real_escape_string(str_replace(" ", "_", strtolower($row->cl_sortkey))); // temp string to make the string to page_title style
             
             // Get data from page table by using $temp to know if it is a category or article