Commit Graph

13 Commits

Author SHA1 Message Date
Mike Little e89562de13 Fix remote SQL injection exploit.
"b2 0.6.2 and prior" allow sql injection in ./blog.header.php. $posts isn�t
convert to integer, so we can inject a sql in this variable. In MySQL 4.x
UNION and subselects can be used to obtain privileges.


git-svn-id: https://develop.svn.wordpress.org/trunk@153 602fd350-edb4-49c9-b593-d223f7449a82
2003-06-04 00:14:49 +00:00
Mike Little 4bf26d95ba Removed erroneous require of wp-db
Added missing require of wp-db to b2config
Moved links tables tt b2config
Fixed definition of extra db vars


git-svn-id: https://develop.svn.wordpress.org/trunk@152 602fd350-edb4-49c9-b593-d223f7449a82
2003-06-03 23:15:14 +00:00
Mike Little 0f0b756152 Fix to use ezsql
git-svn-id: https://develop.svn.wordpress.org/trunk@144 602fd350-edb4-49c9-b593-d223f7449a82
2003-06-01 20:59:33 +00:00
Matt Mullenweg e95f55e8a3 Only display published entries.
git-svn-id: https://develop.svn.wordpress.org/trunk@142 602fd350-edb4-49c9-b593-d223f7449a82
2003-06-01 14:49:04 +00:00
Matt Mullenweg 49a87f1f0d ezSQL mods.
git-svn-id: https://develop.svn.wordpress.org/trunk@114 602fd350-edb4-49c9-b593-d223f7449a82
2003-05-29 14:04:30 +00:00
Matt Mullenweg 5ae03f37dc Earlier path fix that was missed.
git-svn-id: https://develop.svn.wordpress.org/trunk@107 602fd350-edb4-49c9-b593-d223f7449a82
2003-05-26 13:31:55 +00:00
Mike Little bb5ececb03 Fixed html headers
git-svn-id: https://develop.svn.wordpress.org/trunk@101 602fd350-edb4-49c9-b593-d223f7449a82
2003-05-25 23:38:03 +00:00
Matt Mullenweg 184e3cd80c Old fix back.
git-svn-id: https://develop.svn.wordpress.org/trunk@98 602fd350-edb4-49c9-b593-d223f7449a82
2003-05-25 21:20:59 +00:00
Matt Mullenweg ae319d220f New path system.
git-svn-id: https://develop.svn.wordpress.org/trunk@96 602fd350-edb4-49c9-b593-d223f7449a82
2003-05-25 12:43:31 +00:00
Mike Little 6c3fc2a305 Removed $pathserver. Now use $siteurl everywhere.
git-svn-id: https://develop.svn.wordpress.org/trunk@83 602fd350-edb4-49c9-b593-d223f7449a82
2003-05-24 21:50:22 +00:00
Matt Mullenweg e245337a5a Pingback fix.
git-svn-id: https://develop.svn.wordpress.org/trunk@57 602fd350-edb4-49c9-b593-d223f7449a82
2003-05-23 13:49:48 +00:00
Matt Mullenweg ee8991d497 Removed aggresive assumption.
git-svn-id: https://develop.svn.wordpress.org/trunk@52 602fd350-edb4-49c9-b593-d223f7449a82
2003-05-23 12:39:05 +00:00
Matt Mullenweg c5b475e13b *** empty log message ***
git-svn-id: https://develop.svn.wordpress.org/trunk@3 602fd350-edb4-49c9-b593-d223f7449a82
2003-04-01 14:12:34 +00:00