From: konrad
Date: Sun, 21 Oct 2007 12:47:53 +0000 (+0000)
Subject: replace addslashes by proper mysql-escaping
X-Git-Url: http://git.silmor.de/gitweb/?a=commitdiff_plain;h=c6f1e0d11d638b929a004ed565423d422f79f9f1;p=web%2Fkonrad%2Fsmoke.git
replace addslashes by proper mysql-escaping
git-svn-id: https://silmor.de/svn/softmagic/smoke/trunk@58 6e3c4bff-ac9f-4ac1-96c5-d2ea494d3e33
---
diff --git a/www/admin.php b/www/admin.php
index 6f25a81..b7b9dac 100644
--- a/www/admin.php
+++ b/www/admin.php
@@ -57,7 +57,7 @@ if(isset($_POST["adminuser"])&&isset($_POST["adminpwd1"])&&isset($_POST["adminpw
 }
 //does user exist?
 $un=$_POST["adminuser"];
- $usr=$db->select("users","uname","uname='".addslashes($un)."'");
+ $usr=$db->select("users","uname","uname=".$db->escapeString($un));
 if(count($usr)>0){
 print("Error: User already exists.

"); break;
diff --git a/www/inc/cart.php b/www/inc/cart.php
index 9b741e3..6553b61 100644
--- a/www/inc/cart.php
+++ b/www/inc/cart.php
@@ -31,10 +31,10 @@ class CartTicket
 {
 global $db;
 if($amt<=0){
- $db->deleteRows("cart_ticket","cartid='".addslashes($this->cartid)."' and eventid=".$this->eventid);
+ $db->deleteRows("cart_ticket","cartid=".$db->escapeString($this->cartid)." and eventid=".$this->eventid);
 $this->amount=0;
 }else{
- $db->update("cart_ticket",array("amount"=>($amt+0)),"cartid='".addslashes($this->cartid)."' and eventid=".$this->eventid);
+ $db->update("cart_ticket",array("amount"=>($amt+0)),"cartid=".$db->escapeString($this->cartid)." and eventid=".$this->eventid);
 $this->amount=$amt;
 }
 }
@@ -74,7 +74,7 @@ class Cart
 //generate ID
 $id=getRandom(128);
 //check it does not exist
- $res=$db->select("cart","cartid","cartid='".addslashes($id)."'");
+ $res=$db->select("cart","cartid","cartid=".$db->escapeString($id));
 if(count($res)==0){
 $this->cartid=$id;
 break;
@@ -85,7 +85,7 @@ class Cart
 $db->commitTransaction();
 }else{
 //check that cart exists
- $res=$db->select("cart","cartid","cartid='".addslashes($id)."'");
+ $res=$db->select("cart","cartid","cartid=".$db->escapeString($id));
 if(count($res)>0)$this->cartid=$id;
 }
 }
@@ -106,7 +106,7 @@ class Cart
 public function getTickets()
 {
 if($this->cartid===false)return array();
- $res=$db->select("cart_ticket","*","where cartid='".addslashed($this->cartid)."'");
+ $res=$db->select("cart_ticket","*","where cartid=".$db->escapeString($this->cartid));
 $ret=array();
 if(count($res)>0)
 foreach($res as $k=>$tc)
diff --git a/www/inc/db.php b/www/inc/db.php
index db5cb1e..901272a 100644
--- a/www/inc/db.php
+++ b/www/inc/db.php
@@ -106,7 +106,7 @@ abstract class DbEngine
 if($tpa[0]=="defaultstr"){
 if(count($tpa)<2)
 return "DEFAULT NULL";
- return "DEFAULT '".addslashes($tpa[1])."'";
+ return "DEFAULT ".$this->escapeString($tpa[1]);
 }
 }
 
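Review bot: Both rewritten lines in the CartTicket hunk still concatenate `$this->eventid` into the WHERE clause without any escaping or cast, so the commit only half-closes the injection surface on these two statements. If eventid is always an integer it should at least be cast at the point of use, e.g. `" and eventid=".(int)$this->eventid`; otherwise route it through `$db->escapeString()` the way cartid now is. Whether eventid is validated when the object is constructed is not visible in this diff, and the enclosing method's signature lies outside the hunk.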
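Review bot: The new line in getTickets() dereferences `$db`, but unlike the CartTicket method in the first hunk (which has `global $db;`) this method never brings `$db` into scope, so the call fails at runtime; the old line hid the same problem behind the `addslashed` typo that the commit removes. The condition string also starts with a literal `where`, which none of the other select() calls in this diff pass, so it looks like a stray keyword that will double up if select() adds its own. Suggested: add `global $db;` after the opening brace and pass `"cartid=".$db->escapeString($this->cartid)` as the condition.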
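Review bot: The base class DbEngine now calls `$this->escapeString()` on this line and again in the getConfig() and setConfig() hunks, but no declaration of that method on DbEngine appears in this diff; unless one exists elsewhere in db.php, any engine other than MysqlEngine will fail only when the first escaped query is built. Declaring it on the base, `abstract public function escapeString($s);`, with a short comment stating that the result is a fully quoted SQL literal (or the unquoted word NULL), makes the contract explicit for every backend. The function enclosing this hunk starts outside the hunk.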
@@ -204,7 +204,7 @@ abstract class DbEngine
 /**returns a configuration setting*/
 public function getConfig($key)
 {
- $mar=$this->select("config","cval","ckey='".addslashes($key)."'");
+ $mar=$this->select("config","cval","ckey=".$this->escapeString($key));
 if(count($mar)>0)return $mar[0][0];
 return false;
 }
@@ -213,8 +213,8 @@ abstract class DbEngine
 public function setConfig($key,$val)
 {
 $this->beginTransaction();
- $mar=$this->select("config","cval","ckey='".addslashes($key)."'");
- if(count($mar)>0)$this->update("config",array("cval"=>$val),"ckey='".addslashes($key)."'");
+ $mar=$this->select("config","cval","ckey=".$this->escapeString($key));
+ if(count($mar)>0)$this->update("config",array("cval"=>$val),"ckey=".$this->escapeString($key));
 else $this->insert("config",array("ckey"=>$key,"cval"=>$val));
 $this->commitTransaction();
 }
diff --git a/www/inc/db_mysql.php b/www/inc/db_mysql.php
index 842a9a4..b58d141 100644
--- a/www/inc/db_mysql.php
+++ b/www/inc/db_mysql.php
@@ -156,4 +156,11 @@ class MysqlEngine extends DbEngine
 {
 return mysql_error();
 }
+
+ /**escapes strings; it uses mysql_escape_string and encloses the value in ''*/
+ public function escapeString($s)
+ {
+ if($s === false) return "NULL";
+ return "'".mysql_real_escape_string($s)."'";
+ }
 };
\ No newline at end of file
diff --git a/www/inc/event.php b/www/inc/event.php
index 2cbec6e..660ae61 100644
--- a/www/inc/event.php
+++ b/www/inc/event.php
@@ -229,7 +229,7 @@ function setEventXml($xmldata)
 return;
 }
 $db->beginTransaction();
- $res=$db->select("room","roomid","roomid='".addslashes($room)."'");
+ $res=$db->select("room","roomid","roomid=".$db->escapeString($room));
 if(count($res)<1){
 //end DB transaction
 $db->rollbackTransaction();
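Review bot: In the new escapeString() the doc comment names mysql_escape_string while the body calls mysql_real_escape_string, which is the connection-charset-aware variant and the one that should be documented; suggested comment: `/**escapes a string with mysql_real_escape_string (uses the open connection's charset) and encloses it in ''; false becomes the SQL word NULL*/`. More importantly, mysql_real_escape_string returns false when no connection is open, and `"'".false."'"` then collapses to the literal `''`, so a missing connection silently turns into an empty-string comparison instead of an error; capture the result before quoting, e.g. `$e=mysql_real_escape_string($s); if($e===false) trigger_error("escapeString: no database connection",E_USER_ERROR); return "'".$e."'";`. Note also that only `false` is mapped to NULL, so a null argument is quoted as `''`; if any caller uses null as its no-value sentinel it will need the same treatment.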