author | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2006-03-07 08:44:57 +0000 |
---|---|---|
committer | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2006-03-07 08:44:57 +0000 |
commit | 43d565053807fbe458fe42ab67f5c41cc5437118 (patch) | |
tree | 499fcd59c43d3b27bc8112e606d0e5e3dac8b7d6 /wp-inst/wp-content/mu-plugins/doc_referers.php | |
parent | 280976517c23d0eb377ed4e4a8f1b981a0d1c6ee (diff) | |
Check input variables (thanks itdamager!)
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@536 7be80a69-a1ef-0310-a953-fb0f7c49ff36
Diffstat (limited to 'wp-inst/wp-content/mu-plugins/doc_referers.php')
-rw-r--r-- | wp-inst/wp-content/mu-plugins/doc_referers.php | 30 |
1 files changed, 15 insertions, 15 deletions
diff --git a/wp-inst/wp-content/mu-plugins/doc_referers.php b/wp-inst/wp-content/mu-plugins/doc_referers.php
index d8d90ca..d923e37 100644
--- a/wp-inst/wp-content/mu-plugins/doc_referers.php
+++ b/wp-inst/wp-content/mu-plugins/doc_referers.php
@@ -117,7 +117,7 @@ class DOC_Referers {
 }
 if( $_GET[ $field ] != '' )
- $vals .= "<input type='hidden' name='".$field."' value='".$_GET[ $field ]."'>\n";
+ $vals .= "<input type='hidden' name='".$field."' value='".htmlentities( $_GET[ $field ] )."'>\n";
 }
 return $vals;
 }
@@ -132,7 +132,7 @@ class DOC_Referers {
 if( $field != $var )
 {
 if( $_GET[ $field ] != '' )
- $url .= $sep.$field."=".$_GET[ $field ];
+ $url .= $sep.$field."=".htmlentities( $_GET[ $field ] );
 }
 else
 {
@@ -146,14 +146,14 @@ class DOC_Referers {
 {
 global $wpdb;
- $action = $_GET[ 'action' ];
- $day = $_GET[ 'day' ];
+ $action = addslashes( $_GET[ 'action' ] );
+ $day = intval( $_GET[ 'day' ] );
 $del = $_GET[ 'del' ];
- $num = $_GET[ 'num' ];
- $more = $_GET[ 'more' ];
- $order = $_GET[ 'order' ];
- $ignoreDIRECT = $_GET[ 'ignoreDIRECT' ];
- $internal = $_GET[ 'internal' ];
+ $num = intval( $_GET[ 'num' ] );
+ $more = intval( $_GET[ 'more' ] );
+ $order = addslashes( $_GET[ 'order' ] );
+ $ignoreDIRECT = addslashes( $_GET[ 'ignoreDIRECT' ] );
+ $internal = addslashes( $_GET[ 'internal' ] );
 if( $ignoreDIRECT == '' )
 {
 $ignoreDIRECT = get_option( 'ignoreDIRECT' );
@@ -192,7 +192,7 @@ class DOC_Referers {
 while( list( $key, $val ) = each( $del ) )
 {
 $query = "DELETE FROM " . $wpdb->doc_referers . "
- WHERE visitID = '".$val."'";
+ WHERE visitID = '".intval( $val )."'";
 $result = $wpdb->query($query);
 }
 }
@@ -212,7 +212,7 @@ class DOC_Referers {
 reset( $del );
 while( list( $key, $val ) = each( $del ) )
 {
- $query = "SELECT referingURL FROM " . $wpdb->doc_referers . " WHERE visitID = '".$val."'";
+ $query = "SELECT referingURL FROM " . $wpdb->doc_referers . " WHERE visitID = '".intval( $val )."'";
 $result=$wpdb->get_var( $query );
 if( $result )
 {
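Review bot: `htmlentities()` is called without a flags argument on the `value='…'` attribute, and its default mode (ENT_COMPAT) leaves single quotes unencoded, so a `$_GET[ $field ]` value containing `'` still closes the single-quoted attribute and can inject further markup. Pass ENT_QUOTES so both quote styles are encoded: `$vals .= "<input type='hidden' name='".$field."' value='".htmlentities( $_GET[ $field ], ENT_QUOTES )."'>\n";`. `$field` is also interpolated into `name='…'` unescaped; that is only safe if it comes from a fixed list rather than the request, which this hunk does not show. The enclosing method starts outside the hunk.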
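Review bot: The value appended to `$url` is HTML-entity encoded rather than URL-encoded, which is the wrong layer for a query-string component: a value containing `&`, `=` or `#` is still parsed as a separator, while `<` and `"` become `&lt;`/`&quot;` inside the URL itself. The encoder for this position is `urlencode()`, `$url .= $sep.$field."=".urlencode( $_GET[ $field ] );`, with HTML escaping applied where `$url` is printed into markup (outside this hunk). If `$url` is only ever echoed into an `href`, the current call at least blocks attribute injection, so this is a correctness issue more than a new hole. The enclosing method starts and ends outside the hunk.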
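Review bot: `addslashes()` on `$action`, `$order`, `$ignoreDIRECT` and `$internal` is applied when the values are read rather than where they enter a query, so every later comparison or echo of them sees backslashed data, and if `$order` ends up in an `ORDER BY` or another unquoted position (not visible here) quote-escaping gives no protection at all. Prefer validating each against the fixed set of values the code accepts, e.g. `$order = in_array( $_GET[ 'order' ], array( 'asc', 'desc' ) ) ? $_GET[ 'order' ] : 'desc';` (adjusted to the real set), and escape with `$wpdb->escape()` at the query. `addslashes()` is also not charset-aware and double-escapes when magic_quotes_gpc is on. `$del` is left raw here, which is acceptable because the later hunks `intval()` it at each query site; the enclosing method starts and ends outside the hunk.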
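Review bot: `each( $del )` assumes `$del` is an array, but it comes straight from `$_GET[ 'del' ]` (assigned in an earlier hunk) and a request such as `?del=1` makes it a string, which `reset()`/`each()` reject with a warning before the loop runs. Guard it before the loop with `if( !is_array( $del ) ) $del = array();`. The `intval()` on `visitID` is the right fix for this DELETE. The enclosing method continues outside the hunk.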
@@ -230,7 +230,7 @@ class DOC_Referers {
 reset( $del );
 while( list( $key, $val ) = each( $del ) )
 {
- $query = "DELETE FROM " . $wpdb->doc_blacklist . " WHERE ID='".$val."'";
+ $query = "DELETE FROM " . $wpdb->doc_blacklist . " WHERE ID='".intval( $val )."'";
 $result = $wpdb->query($query);
 }
 }
@@ -554,8 +554,8 @@ class DOC_Referers {
 }
 $ref = $_SERVER["HTTP_REFERER"];
- $currentURL = $_SERVER[ 'REQUEST_URI' ];
- $fullCurrentURL = "http://" . $_SERVER[ 'HTTP_HOST' ] . $_SERVER[ 'REQUEST_URI' ];
+ $currentURL = addslashes( $_SERVER[ 'REQUEST_URI' ] );
+ $fullCurrentURL = "http://" . addslashes( $_SERVER[ 'HTTP_HOST' ] ) . addslashes( $_SERVER[ 'REQUEST_URI' ] );
 if( $ref == '' )
 {
 $ref = "DIRECT";
@@ -661,7 +661,7 @@ class DOC_Referers {
 }
 }
- $ua = getenv( 'HTTP_USER_AGENT' );
+ $ua = addslashes( $_SERVER["HTTP_USER_AGENT"] );
 $useragents = array( "http://www.syndic8.com", "http://dir.com/pompos.html", "NaverBot-1.0", "http://help.yahoo.com/help/us/ysearch/slurp", "http://www.google.com/bot.html", "http://www.blogdigger.com/", "http://search.msn.com/msnbot.htm", "Feedster, LLC.", "http://www.breakingblogs.com/timbo_bot.html", "fastbuzz.com", "http://www.pubsub.com/", "http://www.bloglines.com", "http://www.drupal.org/", "Ask Jeeves/Teoma", "ia_archiver", "http://minutillo.com/steve/feedonfeeds/", "larbin_2", "lmspider", "kinjabot", "lickBot 2.0", "Downes/Referrers", "daypopbot", "www.globalspec.com" );
 reset( $useragents );
 while( list( $key, $val ) = each( $useragents ) )
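Review bot: `$ref = $_SERVER["HTTP_REFERER"]` is left untouched while the two lines directly below it get `addslashes()`, yet the referer is the attacker-controlled value a referrer tracker stores and later displays; unless it is escaped at the INSERT further down (outside this hunk), the main injection path stays open. Applying `addslashes()` at assignment also means `$currentURL` and `$fullCurrentURL` carry backslashes in every non-SQL use (comparison, output) and are double-escaped when magic_quotes_gpc is on. Keep the raw values here, `$currentURL = $_SERVER[ 'REQUEST_URI' ];`, and escape once where the query is built, e.g. with `$wpdb->escape()`. `$fullCurrentURL` additionally hard-codes `http://`, so HTTPS visits are recorded under the wrong scheme. The enclosing method starts and ends outside the hunk.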
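Review bot: `$_SERVER["HTTP_USER_AGENT"]` is read without an `isset()` guard, so a request with no User-Agent header raises a notice, and `addslashes()` at this point means `$ua` carries backslashes through the `$useragents` matching and any later logging rather than only at the SQL call. Read it as `$ua = isset( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT'] : '';` and escape it where it is stored (not visible in this hunk). The move from `getenv()` to `$_SERVER` is itself a sound change. The enclosing method continues outside the hunk.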