fixed an issue with condition building which didn't properly escape special characters, leaving the application open to remote SQL injection if direct user input was passed into a condition

This commit is contained in:
2007-12-14 01:30:16 +00:00
parent 70eafd692c
commit 39b158e005


@@ -633,7 +633,7 @@ class LiteMySQL {
} elseif ( preg_match('/^[0-9]+$/', $value) ) { } elseif ( preg_match('/^[0-9]+$/', $value) ) {
$cond[] = "`id` = '".$value."'"; $cond[] = "`id` = '".$value."'";
} else { } else {
$cond[] = $value; $cond[] = $this->sql_quote($value);
} }
} }
$operator = ( !empty($options['operator']) ) ? $options['operator'] : 'AND' ; $operator = ( !empty($options['operator']) ) ? $options['operator'] : 'AND' ;
@@ -694,6 +694,8 @@ class LiteMySQL {
} }
if ( ($column == 'integer' || $column == 'float') && preg_match('/^[0-9\-\.]+$/', $string) ) { if ( ($column == 'integer' || $column == 'float') && preg_match('/^[0-9\-\.]+$/', $string) ) {
return $string; return $string;
} elseif ( preg_match('/^[0-9\-\.]+$/', $string) ) {
return $string;
} else { } else {
return "'".addslashes($string)."'"; return "'".addslashes($string)."'";
} }
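Review bot: The new `elseif` branch returns `$string` unquoted whenever it matches `/^[0-9\-\.]+$/`, but that pattern is not a number check: `-` and `.` may appear anywhere and any number of times, and `$` without the `D` modifier also accepts a trailing newline, so inputs such as `1-1`, `..` or `1\n` are spliced into the statement verbatim regardless of the column type. A stricter test, e.g. `} elseif ( preg_match('/\A-?[0-9]+(?:\.[0-9]+)?\z/', $string) ) {`, keeps the literal-number shortcut while routing everything else through the quoted path; the same `$`-anchoring weakness is present in the `^[0-9]+$` checks of this hunk and of the first one, which are context lines this commit does not touch. The quoted path itself relies on `addslashes`, which is not charset-aware; with an open connection `mysql_real_escape_string($string, $link)` is the escaper MySQL documents for this purpose, though whether this class holds a link resource is not visible here. The enclosing function (presumably the `sql_quote` called from the first hunk) starts outside the hunk.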