sergiotarxz/Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Added sanity checking to several query parameters

Browse Source 
git-svn-id: https://develop.svn.wordpress.org/trunk@401 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Dougal Campbell 2003-10-01 14:35:49 +00:00
parent 2c756dde7b
commit 4cea6ed865
1 changed files with 15 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
blog.header.php
View File

@ -130,15 +130,15 @@ if ((empty($cat)) || ($cat == 'all') || ($cat == '0')) {
$eq = '!='; $eq = '!=';
$andor = 'AND'; $andor = 'AND';
$cat = explode('-',$cat); $cat = explode('-',$cat);
$cat = $cat[1]; $cat = intval($cat[1]);
} else { } else {
$eq = '='; $eq = '=';
$andor = 'OR'; $andor = 'OR';
} }
$cat_array = explode(' ',$cat); $cat_array = explode(' ',$cat);
$whichcat .= ' AND (post_category '.$eq.' '.$cat_array[0]; $whichcat .= ' AND (post_category '.$eq.' '.intval($cat_array[0]);
for ($i = 1; $i < (count($cat_array)); $i = $i + 1) { for ($i = 1; $i < (count($cat_array)); $i = $i + 1) {
$whichcat .= ' '.$andor.' post_category '.$eq.' '.$cat_array[$i]; $whichcat .= ' '.$andor.' post_category '.$eq.' '.intval($cat_array[$i]);
} }
$whichcat .= ')'; $whichcat .= ')';
} }
@ -151,15 +151,15 @@ if ((empty($author)) || ($author == 'all') || ($cat == '0')) {
$eq = '!='; $eq = '!=';
$andor = 'AND'; $andor = 'AND';
$author = explode('-', $author); $author = explode('-', $author);
$author = $author[1]; $author = ''.intval($author[1]);
} else { } else {
$eq = '='; $eq = '=';
$andor = 'OR'; $andor = 'OR';
} }
$author_array = explode(' ', $author); $author_array = explode(' ', $author);
$whichauthor .= ' AND post_author '.$eq.' '.$author_array[0]; $whichauthor .= ' AND post_author '.$eq.' '.intval($author_array[0]);
for ($i = 1; $i < (count($author_array)); $i = $i + 1) { for ($i = 1; $i < (count($author_array)); $i = $i + 1) {
$whichauthor .= ' '.$andor.' post_author '.$eq.' '.$author_array[$i]; $whichauthor .= ' '.$andor.' post_author '.$eq.' '.intval($author_array[$i]);
} }
} }
@ -173,13 +173,21 @@ if ((empty($order)) || ((strtoupper($order) != 'ASC') && (strtoupper($order) !=
if (empty($orderby)) { if (empty($orderby)) {
$orderby='date '.$order; $orderby='date '.$order;
} else { } else {
// used to filter values
$allowed_keys = array('author','date','category','title');
$orderby = urldecode($orderby); $orderby = urldecode($orderby);
$orderby = addslashes_gpc($orderby); $orderby = addslashes_gpc($orderby);
$orderby_array = explode(' ',$orderby); $orderby_array = explode(' ',$orderby);
if (!in_array($orderby_array[0],$allowed_keys) {
$orderby_array[0] = 'date';
}
$orderby = $orderby_array[0].' '.$order; $orderby = $orderby_array[0].' '.$order;
if (count($orderby_array)>1) { if (count($orderby_array)>1) {
for ($i = 1; $i < (count($orderby_array)); $i = $i + 1) { for ($i = 1; $i < (count($orderby_array)); $i = $i + 1) {
$orderby .= ',post_'.$orderby_array[$i].' '.$order; // Only allow certain values for safety
if (in_array($orderby_array[$i],$allowed_keys) {
$orderby .= ',post_'.$orderby_array[$i].' '.$order;
}
} }
} }
} }