Changeset 586 for trunk/Modules/Search/Search.php

Timestamp:

Oct 7, 2013, 11:52:11 PM (11 years ago)

Author:

chronos

Message:

• Fixed: SQL injection protection was not applied because of new dynamic URL handling.
• Fixed: HTML entities encodin for search input string.

File:

• trunk/Modules/Search/Search.php (modified) (2 diffs)

trunk/Modules/Search/Search.php

@@ -41 +41 @@
                 else if(array_key_exists('text', $_POST)) $Search = $_POST['text'];
                 else $Search = '';
+                $SearchHTML = htmlentities($Search);
         
                 $Output = '<table class="BaseTable"><tr><th>Skupina</th><th>Výsledků</th></tr>';
@@ -52 +53 @@
                         foreach($Group['Items'] as $Item)
                         {
-                                if($Item['Column'] != '') $sql .= ' OR `'.$Item['Column'].'` LIKE "%'.$Search.'%"';
+                                if($Item['Column'] != '') $sql .= ' OR (`'.$Item['Column'].'` LIKE "%'.$Search.'%")';
                         }
                         $DbResult = $this->Database->query($sql);
                         $Line = $DbResult->fetch_row();
-                        $Output .= '<tr><td><a href="'.$this->System->Link('/TranslationList.php?group='.$Group['Id'].'&amp;user=0&amp;state=0&amp;text='.$Search.'&amp;entry=').'">'.$Group['Name'].'</a></td><td>'.$Line[0].'</td></tr>';
+                        $Output .= '<tr><td><a href="'.$this->System->Link('/TranslationList.php?group='.
+                          $Group['Id'].'&amp;user=0&amp;state=0&amp;text='.$SearchHTML.'&amp;entry=').'">'.
+                          $Group['Name'].'</a></td><td>'.$Line[0].'</td></tr>';
                 }
         
                 $DbResult = $this->Database->query('SELECT count(*) FROM `User` WHERE `Name` LIKE "%'.$Search.'%"');
                 $Line = $DbResult->fetch_row();
-                $Output .= '<tr><td><a href="'.$this->System->Link('/userlist.php?search='.$Search).'">Uživatelé</a></td><td>'.$Line[0].'</td></tr>';
+                $Output .= '<tr><td><a href="'.$this->System->Link('/userlist.php?search='.$SearchHTML).'">Uživatelé</a></td><td>'.$Line[0].'</td></tr>';
         
                 $DbResult = $this->Database->query('SELECT count(*) FROM `Team` WHERE `Name` LIKE "%'.$Search.'%" OR `Description` LIKE "%'.$Search.'%"');
                 $Line = $DbResult->fetch_row();
-                $Output .= '<tr><td><a href="'.$this->System->Link('/team/?search='.$Search).'">Týmy</a></td><td>'.$Line[0].'</td></tr>';
+                $Output .= '<tr><td><a href="'.$this->System->Link('/team/?search='.$SearchHTML).'">Týmy</a></td><td>'.$Line[0].'</td></tr>';
         
                 $DbResult = $this->Database->query('SELECT count(*) FROM `CzWoWPackageVersion` WHERE `Text` LIKE "%'.$Search.'%"');
                 $Line = $DbResult->fetch_row();
                 $Output .= '<tr><td><a href="'.$this->System->Link('/download.php?addon').'">Čeština pro klienta</a></td><td>'.$Line[0].'</td></tr>';
-                $Output .= '<tr><td><a href="'.$this->System->Link('/aowow/?search='.$Search).'">Vyhledávací databáze AoWoW</a></td></tr>';
+                $Output .= '<tr><td><a href="'.$this->System->Link('/aowow/?search='.$SearchHTML).'">Vyhledávací databáze AoWoW</a></td></tr>';
         
                 $DbResult = $this->Database->query('SELECT count(*) FROM `Dictionary` WHERE '.
                         '(`Text` LIKE "%'.$Search.'%" OR `Description` LIKE "%'.$Search.'%") AND `Language` = '.$this->System->Config['OriginalLanguage']);
                 $Line = $DbResult->fetch_row();
-                $Output .= '<tr><td><a href="'.$this->System->Link('/dictionary/?search='.$Search).'">Slovníček</a></td><td>'.$Line[0].'</td></tr>';
+                $Output .= '<tr><td><a href="'.$this->System->Link('/dictionary/?search='.$SearchHTML).
+      '">Slovníček</a></td><td>'.$Line[0].'</td></tr>';
         
                 $Output .= '</table>';