From: friendica Date: Wed, 30 May 2012 00:14:35 +0000 (-0700) Subject: possible sql injection in search X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=514c994e6a323cd8075da1442c32e65f036539ff;p=friendica.git possible sql injection in search
---
diff --git a/include/api.php b/include/api.php
index 5697fbdbcb..5c17b35f56 100644
--- a/include/api.php
+++ b/include/api.php
@@ -995,8 +995,8 @@
 else
 $sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where ( `author-link` like '%s' or `tag` like '%s' or tag like '%s' )) ",
 dbesc(protect_sprintf('%' . $myurl)),
- dbesc(protect_sprintf('%' . $myurl . '\\]%')),
- dbesc(protect_sprintf('%' . $diasp_url . '\\]%'))
+ dbesc(protect_sprintf('%' . $myurl . ']%')),
+ dbesc(protect_sprintf('%' . $diasp_url . ']%'))
 );
 if ($max_id > 0)
diff --git a/mod/search.php b/mod/search.php
index 20007ada77..466ffc4c34 100644
--- a/mod/search.php
+++ b/mod/search.php
@@ -110,7 +110,7 @@ function search_content(&$a) {
 if (get_config('system','use_fulltext_engine')) {
 if($tag)
- $sql_extra = sprintf(" AND MATCH (`item`.`tag`) AGAINST ('".'"%s"'."' in boolean mode) ", '#'.protect_sprintf($search));
+ $sql_extra = sprintf(" AND MATCH (`item`.`tag`) AGAINST ('".'"%s"'."' in boolean mode) ", '#'.dbesc(protect_sprintf($search)));
 else
 $sql_extra = sprintf(" AND MATCH (`item`.`body`) AGAINST ('".'"%s"'."' in boolean mode) ", dbesc(protect_sprintf($search)));
 } else {
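Review bot: The two new `dbesc(protect_sprintf('%' . … . ']%'))` arguments still pass `$myurl` and `$diasp_url` into `like '%s'` patterns with their own `%` and `_` characters unescaped; `dbesc()` protects the SQL string literal and `protect_sprintf()` protects the format string, but neither neutralises LIKE wildcards, so a URL containing `_` matches any single character at that position and the parent filter can over-match. The `']%'` suffix change itself only drops the stray backslash and does not affect this. A minimal hardening is to escape the wildcards before the `'%' .` prefix is added, e.g. `$like_url = str_replace(['%', '_'], ['\\%', '\\_'], $myurl);` and use `$like_url` in all three arguments (the escaping backslash survives `dbesc()` because MySQL unescapes the literal before LIKE sees it). The enclosing function starts and ends outside the hunk, and the hunk header counts eight lines where seven are visible, so a blank context line may have been lost in this excerpt.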
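Review bot: The added `dbesc()` closes the string-literal break, but `$search` is still placed inside the boolean-mode phrase quotes `"%s"`, and `dbesc()` does not neutralise `"` for that inner context: a double quote in the term becomes `\"` in the SQL literal, which MySQL unescapes back to `"` before the fulltext parser sees it, so the phrase can be terminated and the remainder read as boolean-mode syntax — a search-semantics problem rather than SQL injection, and one the `else` branch below shares. A simple fix is to drop the quote character before escaping, `'#'.dbesc(protect_sprintf(str_replace('"', '', $search)))` (and likewise in the `else` branch), or to move the clause to a bound parameter. search_content's body starts and ends outside the hunk; the header counts seven lines where six are visible, so the hunk may extend past this excerpt.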