Changeset 1293

Timestamp:

02/18/06 23:44:21 (3 years ago)

Author:

mbonetti

Message:

sanitizing of search.php

Location:

trunk/rss

Files:

• cls/search.php (modified) (2 diffs)
• constants.php (modified) (1 diff)
• util.php (modified) (1 diff)

trunk/rss/cls/search.php

@@ -106 +106 @@
         }
 
-        $this->query = $_REQUEST[QUERY_PRM];
+                // fixme: this probably breaks on queries with weird characters, depending
+                // on the locale. 
+                // see: http://php.benscom.com/manual/en/reference.pcre.pattern.syntax.php
+        $this->query = trim(preg_replace('#[^\w\s]#','',$_REQUEST[QUERY_PRM]));
+        
         if (!$this->query) {
             return;
         }
 
-        $this->matchMode = (!array_key_exists(QUERY_MATCH_MODE, $_REQUEST) ? QUERY_MATCH_AND : $_REQUEST[QUERY_MATCH_MODE]);
-        $this->channelId = (array_key_exists(QUERY_CHANNEL, $_REQUEST)) ? (int) $_REQUEST[QUERY_CHANNEL] : ALL_CHANNELS_ID;
-
-        $this->resultsPerPage = (array_key_exists(QUERY_RESULTS, $_REQUEST)) ? (int) $_REQUEST[QUERY_RESULTS] : INFINE_RESULTS;
-        $this->currentPage = (array_key_exists(QUERY_CURRENT_PAGE, $_REQUEST) ? (int) $_REQUEST[QUERY_CURRENT_PAGE] : 0);
+        $this->matchMode = sanitize(
+                (!array_key_exists(QUERY_MATCH_MODE, $_REQUEST) ? QUERY_MATCH_AND : $_REQUEST[QUERY_MATCH_MODE]), 
+            RSS_SANITIZER_CHARACTERS_EXT);
+            
+        $this->channelId = sanitize(
+            ((array_key_exists(QUERY_CHANNEL, $_REQUEST)) ? $_REQUEST[QUERY_CHANNEL] : ALL_CHANNELS_ID),
+            RSS_SANITIZER_NUMERIC);
+
+        $this->resultsPerPage = sanitize(
+            ((array_key_exists(QUERY_RESULTS, $_REQUEST)) ? $_REQUEST[QUERY_RESULTS] : INFINE_RESULTS),
+            RSS_SANITIZER_NUMERIC);
+        
+        $this->currentPage = sanitize(
+            (array_key_exists(QUERY_CURRENT_PAGE, $_REQUEST) ? $_REQUEST[QUERY_CURRENT_PAGE] : 0),
+            RSS_SANITIZER_NUMERIC);
 
         $this->startItem = $this->resultsPerPage * $this->currentPage;
@@ -125 +139 @@
         }
 
-        $this->orderBy = (array_key_exists(QUERY_ORDER_BY, $_REQUEST) ? $_REQUEST[QUERY_ORDER_BY] : QUERY_ORDER_BY_DATE);
+        $this->orderBy = sanitize(
+            (array_key_exists(QUERY_ORDER_BY, $_REQUEST) ? $_REQUEST[QUERY_ORDER_BY] : QUERY_ORDER_BY_DATE),
+            RSS_SANITIZER_CHARACTERS_EXT);
+            
         $qWhere = "";
         $this->regMatch = "";

trunk/rss/constants.php

@@ -165 +165 @@
 define ('RSS_SANITIZER_NUMERIC', 0x04);
 define ('RSS_SANITIZER_CHARACTERS',0x08);
+define ('RSS_SANITIZER_CHARACTERS_EXT',0x10);
 
 // Profiling 

trunk/rss/util.php

@@ -1183 +1183 @@
     }
     if ($rules & RSS_SANITIZER_NUMERIC) {
-        $ret = preg_replace('#[^0-9\.]#','',$ret);
+        $ret = preg_replace('#[^0-9\.-]#','',$ret);
     }   
     if ($rules & RSS_SANITIZER_CHARACTERS) {
         $ret = preg_replace('#[^a-zA-Z]#','',$ret);
     }
+    if ($rules & RSS_SANITIZER_CHARACTERS_EXT) {
+        $ret = preg_replace('#[^a-zA-Z_]#','',$ret);
+    }
     return $ret;
 }