author | Arun Persaud <arun@nubati.net> | 2011-11-26 22:20:22 -0800 |
---|---|---|
committer | Arun Persaud <apersaud@lbl.gov> | 2011-11-26 22:20:22 -0800 |
commit | 629e06724cde4ecd8d1e30fa04567cc1960410c5 (patch) | |
tree | 9f971aafea48b11bb5868086cc22ebd05f896c17 | |
parent | 197867206e97f0b8d85cff0ef7f1bf88a33fd7aa (diff) | |
escape all users input strings
use intval for integers or sqlite_escape_string for strings
-rw-r--r-- | getjson.php | 6 | ||||
-rw-r--r-- | index.php | 2 |
2 files changed, 4 insertions, 4 deletions
diff --git a/getjson.php b/getjson.php
index cc93c7c..0288646 100644
--- a/getjson.php
+++ b/getjson.php
@@ -19,7 +19,7 @@ else
if (isset($_REQUEST["S"]))
{
/* single tag or part of tag */
- $tag = $_REQUEST["S"];
+ $tag = sqlite_escape_string($_REQUEST["S"]);
/* individual tags are separated by '+' */
$result = $DB->query("SELECT name FROM tags where name like \"%$tag%\"");
$count = $DB->query("SELECT 1");
@@ -27,14 +27,14 @@ if (isset($_REQUEST["S"]))
else
{
if (isset($_REQUEST["P"]))
- $OFFSET = "".($_REQUEST["P"]*$N-$N);
+ $OFFSET = "".(intval($_REQUEST["P"])*$N-$N);
else
$OFFSET = "0";
if (isset($_REQUEST["T"]))
{
/* single tag or part of tag */
- $tags = $_REQUEST["T"];
+ $tags = sqlite_escape_string($_REQUEST["T"]);
$tags = explode("+",$tags);
$tags = "'".implode("','",$tags)."'";
@@ -15,7 +15,7 @@ else
$page = 1;
if(isset($_REQUEST["tag"]))
- $tags = $_REQUEST["tag"];
+ $tags = htmlentities($_REQUEST["tag"]);
else
$tags = ""; |
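Review bot: The escaping added on the `$tag` line does not match the quoting used two lines below it: `sqlite_escape_string()` only doubles single quotes, while the LIKE pattern is delimited with double quotes (`\"%$tag%\"`), so a `"` in `S` still ends the string literal and the rest of the input is read as SQL. Delimit the pattern with single quotes so escaping and quoting agree, `$result = $DB->query("SELECT name FROM tags where name like '%$tag%'");`; the LIKE wildcards `%` and `_` are still honoured from user input, which is presumably intended for a search box but deserves a comment saying so. If the `$DB` handle supports prepared statements, binding `%$tag%` as a parameter would remove the dependency on escaping altogether. The enclosing `if` block starts before the hunk and continues past it.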
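Review bot: `intval($_REQUEST["P"])` on the `$OFFSET` line yields 0 for a non-numeric or zero page number, so `$OFFSET` becomes `-$N`; clamping to the first page, `$OFFSET = "".(max(1, intval($_REQUEST["P"]))*$N-$N);`, keeps the offset non-negative regardless of how the driver treats a negative OFFSET. `$N` is defined outside the hunk, so I am assuming it is the positive page size. On the `$tags` line the escaping runs before `explode("+", …)` and the IN list is built with single quotes, so escaping and quoting agree here, unlike the LIKE query in the previous hunk. Both `$_REQUEST` reads would still warn and yield `null` if the parameter arrives as an array (`T[]=`), so an `is_string()` guard before escaping would be cheap. The enclosing `else` block continues past the hunk.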
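Review bot: `htmlentities()` on the `$tags` line is called without `ENT_QUOTES` or a charset, so single quotes are left untouched and the encoding falls back to the build's default; if `$tags` is ever placed in a single-quoted attribute or a JavaScript string, this encoding does not cover that context. Prefer `$tags = htmlspecialchars($_REQUEST["tag"], ENT_QUOTES, 'UTF-8');` (or keep `htmlentities` with the same flags). Encoding at input time also means the entity-encoded value is what any later non-HTML use of `$tags`, such as a query string passed on to getjson.php, will see; keeping the raw value here and encoding at the output point avoids that double role. This hunk's file header is not in the listing; from the diffstat it appears to belong to index.php, and the enclosing `if`/`else` starts before the hunk.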