-rw-r--r-- | phpBB/db/mssql.php | 9 | ||||
-rw-r--r-- | phpBB/db/mysql.php | 5 | ||||
-rw-r--r-- | phpBB/db/mysql4.php | 5 | ||||
-rw-r--r-- | phpBB/posting.php | 18 |
4 files changed, 16 insertions, 21 deletions
diff --git a/phpBB/db/mssql.php b/phpBB/db/mssql.php
index 6cf118b22a..c54067f822 100644
--- a/phpBB/db/mssql.php
+++ b/phpBB/db/mssql.php
@@ -403,14 +403,9 @@ class sql_db
 return ( $query_id ) ? mssql_free_result($query_id) : false;
 }
- function sql_quote($sql)
+ function sql_escape($msg)
 {
- return str_replace("\'", "''", $sql);
- }
-
- function sql_escape($sql)
- {
- return str_replace("'", "''", str_replace('\\', '\\\\', $sql));
+ return str_replace("'", "''", str_replace('\\', '\\\\', $msg));
 }
 function sql_error($query_id = 0)
diff --git a/phpBB/db/mysql.php b/phpBB/db/mysql.php
index 132b64f79f..256a7361ad 100644
--- a/phpBB/db/mysql.php
+++ b/phpBB/db/mysql.php
@@ -379,6 +379,11 @@ class sql_db
 return ( $query_id ) ? @mysql_free_result($query_id) : false;
 }
+ function sql_escape($msg)
+ {
+ return mysql_escape_string($msg);
+ }
+
 function sql_error($sql = '')
 {
 if ( !$this->return_on_error )
diff --git a/phpBB/db/mysql4.php b/phpBB/db/mysql4.php
index d6f00ed1d6..1c75cf7139 100644
--- a/phpBB/db/mysql4.php
+++ b/phpBB/db/mysql4.php
@@ -379,11 +379,6 @@ if (!empty($_REQUEST['explain']))
 return ( $query_id ) ? @mysql_free_result($query_id) : false;
 }
- function sql_quote($msg)
- {
- return mysql_escape_string($msg);
- }
-
 function sql_escape($msg)
 {
 return mysql_escape_string($msg);
diff --git a/phpBB/posting.php b/phpBB/posting.php
index a80f00c69d..2ae22c224c 100644
--- a/phpBB/posting.php
+++ b/phpBB/posting.php
@@ -312,7 +312,7 @@ if (isset($post))
 {
 $topic_sql = array(
 'forum_id' => intval($forum_id),
- 'topic_title' => $subject,
+ 'topic_title' => $db->sql_escape(htmlspecialchars($subject)),
 'topic_poster' => intval($user->data['user_id']),
 'topic_time' => $current_time,
 'topic_type' => (!empty($enable_icons)) ? intval($topic_type) : 0,
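Review bot: The new `sql_escape` in mssql.php doubles every backslash before doubling quotes, but T-SQL string literals give backslash no escape meaning, so each save adds a backslash to stored text unless something un-doubles it on read; the `'` to `''` step alone is the correct quoting for this driver. Unless a matching unescape exists elsewhere, reduce the body to `return str_replace("'", "''", $msg);`. Any caller still using the removed `sql_quote` name will now fail at runtime, which this hunk cannot show, so a search of the callers is worthwhile. The method sits inside `class sql_db`, whose body continues outside the hunk.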
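Review bot: `mysql_escape_string` in the added mysql.php `sql_escape` ignores the character set of the open connection, so the escaping is only reliable for single-byte charsets; where the targeted PHP version provides it, `mysql_real_escape_string($msg, $link)` with the connection resource `sql_db` already opens is the safer call. The same `mysql_escape_string` call is kept as context in mysql4.php's `sql_escape` in the following hunk, so both drivers would want the change. The enclosing `class sql_db` continues outside the hunk.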
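Review bot: `htmlspecialchars($subject)` on the added `topic_title` line uses the default quote style, which leaves single quotes unencoded; because the encoded value is what is stored and later rendered, a subject placed in a single-quoted attribute can still break out of it. Passing `ENT_QUOTES` closes that gap, `$db->sql_escape(htmlspecialchars($subject, ENT_QUOTES))`, and the same applies to the `post_subject` line in the @@ -356 hunk. Encoding for HTML at input time also commits every output path to not encoding again; that is a design choice rather than a defect, but it deserves a one-line comment on this line. The `if (isset($post))` block this sits in starts outside the hunk.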
@@ -322,7 +322,7 @@ if (isset($post))
 if (!empty($poll_options))
 {
 $topic_sql = array_merge($topic_sql, array(
- 'poll_title' => $poll_title,
+ 'poll_title' => $db->sql_escape($poll_title),
 'poll_start' => (!empty($poll_start)) ? $poll_start : $current_time,
 'poll_length' => $poll_length * 3600
 ));
@@ -338,7 +338,7 @@ if (isset($post))
 'topic_id' => intval($topic_id),
 'forum_id' => intval($forum_id),
 'poster_id' => ($mode == 'edit') ? intval($poster_id) : intval($user->data['user_id']),
- 'post_username' => ($username != '') ? $username : '',
+ 'post_username' => ($username != '') ? $db->sql_escape($username) : '',
 'poster_ip' => $user->ip,
 'post_time' => $current_time,
 'post_approved' => (!empty($enable_moderate) && !$auth->acl_gets('f_ignorequeue', 'm_', 'a_', intval($forum_id))) ? 0 : 1,
@@ -356,7 +356,7 @@ if (isset($post))
 // post_text ... may merge into posts table
 $post_text_sql = array(
- 'post_subject' => $db->sql_quote(htmlspecialchars($subject)),
+ 'post_subject' => $db->sql_escape(htmlspecialchars($subject)),
 'bbcode_uid' => $bbcode_uid,
 'post_id' => intval($post_id),
 );
@@ -364,10 +364,10 @@ if (isset($post))
 {
 $post_text_sql = array_merge($post_text_sql, array(
 'post_checksum' => $message_md5,
- 'post_text' => $db->sql_quote($message),
+ 'post_text' => $db->sql_escape($message),
 ));
 }
- echo $sql = ($mode == 'edit') ? 'UPDATE ' . POSTS_TEXT_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $post_text_sql) . ' WHERE post_id = ' . intval($post_id) : 'INSERT INTO ' . POSTS_TEXT_TABLE . ' ' . $db->sql_build_array('INSERT', $post_text_sql);
+ $sql = ($mode == 'edit') ? 'UPDATE ' . POSTS_TEXT_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $post_text_sql) . ' WHERE post_id = ' . intval($post_id) : 'INSERT INTO ' . POSTS_TEXT_TABLE . ' ' . $db->sql_build_array('INSERT', $post_text_sql);
 $db->sql_query($sql);
 // poll options
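Review bot: `poll_title` is now SQL-escaped but, unlike `topic_title` in the @@ -312 hunk, not passed through `htmlspecialchars`, so the two title fields are stored with different encodings and whichever template renders `poll_title` must escape it itself; either apply `htmlspecialchars` here as well or document the asymmetry where the value is read. On the next context line `$poll_start` is embedded with no cast; if it can originate from the request, `intval($poll_start)` keeps it from being the one unescaped string in this array. The `if (isset($post))` block containing this code starts outside the hunk.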
@@ -392,13 +392,13 @@ if (isset($post))
 if (empty($cur_poll_options[$i]))
 {
 $sql = "INSERT INTO phpbb_poll_results (topic_id, poll_option_text)
- VALUES (" . intval($topic_id) . ", '" . sql_quote($poll_options[$i]) . "')";
+ VALUES (" . intval($topic_id) . ", '" . $db->sql_escape($poll_options[$i]) . "')";
 $db->sql_query($sql);
 }
 else if ($poll_options[$i] != $cur_poll_options[$i])
 {
 $sql = "UPDATE phpbb_poll_results
- SET poll_option_text = '" . sql_quote($poll_options[$i]) . "'
+ SET poll_option_text = '" . $db->sql_escape($poll_options[$i]) . "'
 WHERE poll_option_id = " . $cur_poll_options[$i]['poll_option_id'];
 $db->sql_query($sql);
 }
@@ -431,7 +431,7 @@ if (isset($post))
 'forum_last_post_id' => intval($post_id),
 'forum_last_post_time' => $current_time,
 'forum_last_poster_id' => intval($user->data['user_id']),
- 'forum_last_poster_name'=> ($user->data['user_id'] == ANONYMOUS) ? $username : $user->data['username'],
+ 'forum_last_poster_name'=> ($user->data['user_id'] == ANONYMOUS) ? $db->sql_escape($username) : $user->data['username'],
 );
 $sql = 'UPDATE ' . FORUMS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $forum_sql) . ', forum_posts = forum_posts + 1' . $forum_topics_sql . ' WHERE forum_id IN (' . $forum_ids . ')';
 $db->sql_query($sql); |
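Review bot: The UPDATE in this hunk embeds `$cur_poll_options[$i]['poll_option_id']` in its WHERE clause with no cast; it presumably comes from an earlier SELECT, but `intval()` there matches how `$topic_id` is handled in the INSERT and costs nothing. The table name `phpbb_poll_results` is hard-coded in both statements while the rest of the file builds queries from constants such as `POSTS_TEXT_TABLE` and `FORUMS_TABLE`; a matching constant for the poll-results table would keep the prefix configurable. The `else if ($poll_options[$i] != $cur_poll_options[$i])` condition compares a string with what the `['poll_option_id']` access two lines later suggests is a row array, which in PHP is never equal, so every existing option appears to be rewritten on each edit; a specific column such as `poll_option_text` was probably intended, worth confirming. The loop body these statements sit in (indexed by `$i`) starts outside the hunk.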
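Review bot: The added `forum_last_poster_name` line escapes `$username` but leaves `$user->data['username']` raw, and a value read back from the database is plain text again, so a registered username containing a quote breaks this UPDATE and, depending on the driver, turns a field that looks trusted into an injection point. Escaping the whole expression is the simpler form: `'forum_last_poster_name'=> $db->sql_escape(($user->data['user_id'] == ANONYMOUS) ? $username : $user->data['username']),`. The `$forum_sql` array and the `if (isset($post))` block start outside the hunk.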