author | Paul S. Owen <psotfx@users.sourceforge.net> | 2001-12-21 15:51:31 +0000 |
---|---|---|
committer | Paul S. Owen <psotfx@users.sourceforge.net> | 2001-12-21 15:51:31 +0000 |
commit | 6c2e3922b1718e462fb5a0f5e83b5fc1f3a83d4a (patch) | |
tree | 522fb015042ae01c631b481f0bc6ad3a910cbc3f /phpBB/search.php | |
parent | f5afff4c5531aa9981e21cdac7fc4702345d96fa (diff) | |
Hopefully this addresses the \' and '' problems with MSSQL, etc. ... I'd like opinions on the security of doing this.
git-svn-id: file:///svn/phpbb/trunk@1661 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/search.php')
-rw-r--r-- | phpBB/search.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/phpBB/search.php b/phpBB/search.php
index cdde5fde63..bb40d6a4c1 100644
--- a/phpBB/search.php
+++ b/phpBB/search.php
@@ -294,7 +294,7 @@ else if( $query_keywords != "" || $query_author != "" || $search_id )
 $sql = "SELECT user_id FROM ".USERS_TABLE."
- WHERE username LIKE '$query_author'";
+ WHERE username LIKE '" . str_replace("\'", "''", $query_author) . "'";
 $result = $db->sql_query($sql); if( !$result ) {
@@ -507,7 +507,7 @@ else if( $query_keywords != "" || $query_author != "" || $search_id )
 // if( $query_author != "" ) {
- $query_author = str_replace("*", "%", trim($query_author));
+ $query_author = str_replace("*", "%", trim(str_replace("\'", "''", $query_author)));
 } //
@@ -734,7 +734,7 @@ else if( $query_keywords != "" || $query_author != "" || $search_id )
 if( !$result || !$db->sql_affectedrows() ) { $sql = "INSERT INTO " . SEARCH_TABLE . " (search_id, session_id, search_array)
- VALUES($search_id, '" . $userdata['session_id'] . "', '$result_array')";
+ VALUES($search_id, '" . $userdata['session_id'] . "', '" . str_replace("\'", "''", $result_array) . "')";
 if( !$result = $db->sql_query($sql) ) { message_die(GENERAL_ERROR, "Couldn't insert search results", "", __LINE__, __FILE__, $sql); |
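Review bot: The `str_replace("\'", "''", $query_author)` on the `WHERE username LIKE` line only rewrites quotes that already carry a backslash, so it translates an existing escape rather than escaping anything itself. A value that reaches this query without that backslash (magic_quotes_gpc off, or a stripslashes() earlier in the file, neither visible here) still puts a bare `'` into the statement. The hunks at lines 507 and 734 rest on the same assumption. Escaping once in a per-driver routine of the DB layer, doubling quotes where the backend expects `''` and backslash-escaping where it expects `\'`, would remove the dependency on PHP configuration. Until then the line deserves a comment such as `// relies on $query_author still being backslash-escaped by magic_quotes_gpc; a bare ' is NOT escaped here`. The enclosing `else if` block starts and ends outside the hunk.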
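Review bot: In the hunk at line 734, `$result_array` does not look like request data, and if the script assembles it itself (its construction is above the hunk) magic quotes never added the `\'` that `str_replace("\'", "''", $result_array)` searches for. In that case the call is a no-op and any quote inside the value reaches the `INSERT INTO " . SEARCH_TABLE` statement unescaped, so the value needs escaping of its own here, matched to the backend's quoting rules. I would at least add `// TODO: confirm $result_array is already backslash-escaped; the str_replace() below only converts \' to ''`. `$search_id` is also interpolated unquoted into `VALUES(`; if it can be set from the request, `intval($search_id)` at that point makes the statement independent of where it came from.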