valvin
/
ttrss
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix double-escaping possible with encrypted passwords

This commit is contained in:
Andrew Dolgov 2013-04-13 18:58:09 +04:00
parent 5276b7c768
commit 41694a956d
3 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
classes/pref/feeds.php
View File

@ -932,7 +932,7 @@ class Pref_Feeds extends Handler_Protected {
$feed_ids = db_escape_string($this->link, $_POST["ids"]); /* batchEditSave */ $feed_ids = db_escape_string($this->link, $_POST["ids"]); /* batchEditSave */
$cat_id = (int) db_escape_string($this->link, $_POST["cat_id"]); $cat_id = (int) db_escape_string($this->link, $_POST["cat_id"]);
$auth_login = db_escape_string($this->link, trim($_POST["auth_login"])); $auth_login = db_escape_string($this->link, trim($_POST["auth_login"]));
$auth_pass = db_escape_string($this->link, trim($_POST["auth_pass"])); $auth_pass = trim($_POST["auth_pass"]);
$private = checkbox_to_sql_bool(db_escape_string($this->link, $_POST["private"])); $private = checkbox_to_sql_bool(db_escape_string($this->link, $_POST["private"]));
$include_in_digest = checkbox_to_sql_bool( $include_in_digest = checkbox_to_sql_bool(
db_escape_string($this->link, $_POST["include_in_digest"])); db_escape_string($this->link, $_POST["include_in_digest"]));
@ -954,6 +954,8 @@ class Pref_Feeds extends Handler_Protected {
$auth_pass_encrypted = 'false'; $auth_pass_encrypted = 'false';
} }
$auth_pass = db_escape_string($this->link, $auth_pass);
if (get_pref($this->link, 'ENABLE_FEED_CATS')) { if (get_pref($this->link, 'ENABLE_FEED_CATS')) {
if ($cat_id && $cat_id != 0) { if ($cat_id && $cat_id != 0) {
$category_qpart = "cat_id = '$cat_id',"; $category_qpart = "cat_id = '$cat_id',";
@ -1842,7 +1844,7 @@ class Pref_Feeds extends Handler_Protected {
$cat_id = db_escape_string($this->link, $_REQUEST['cat']); $cat_id = db_escape_string($this->link, $_REQUEST['cat']);
$feeds = explode("\n", $_REQUEST['feeds']); $feeds = explode("\n", $_REQUEST['feeds']);
$login = db_escape_string($this->link, $_REQUEST['login']); $login = db_escape_string($this->link, $_REQUEST['login']);
$pass = db_escape_string($this->link, $_REQUEST['pass']); $pass = trim($_REQUEST['pass']);
foreach ($feeds as $feed) { foreach ($feeds as $feed) {
$feed = db_escape_string($this->link, trim($feed)); $feed = db_escape_string($this->link, trim($feed));
@ -1869,6 +1871,8 @@ class Pref_Feeds extends Handler_Protected {
$auth_pass_encrypted = 'false'; $auth_pass_encrypted = 'false';
} }
$pass = db_escape_string($this->link, $pass);
if (db_num_rows($result) == 0) { if (db_num_rows($result) == 0) {
$result = db_query($this->link, $result = db_query($this->link,
"INSERT INTO ttrss_feeds "INSERT INTO ttrss_feeds

2
classes/rpc.php
View File

@ -104,7 +104,7 @@ class RPC extends Handler_Protected {
$feed = db_escape_string($this->link, $_REQUEST['feed']); $feed = db_escape_string($this->link, $_REQUEST['feed']);
$cat = db_escape_string($this->link, $_REQUEST['cat']); $cat = db_escape_string($this->link, $_REQUEST['cat']);
$login = db_escape_string($this->link, $_REQUEST['login']); $login = db_escape_string($this->link, $_REQUEST['login']);
$pass = db_escape_string($this->link, $_REQUEST['pass']); $pass = trim($_REQUEST['pass']); // escaped later
$rc = subscribe_to_feed($this->link, $feed, $cat, $login, $pass); $rc = subscribe_to_feed($this->link, $feed, $cat, $login, $pass);

2
include/functions.php
View File

@ -1622,6 +1622,8 @@
$auth_pass_encrypted = 'false'; $auth_pass_encrypted = 'false';
} }
$auth_pass = db_escape_string($this->link, $auth_pass);
if (db_num_rows($result) == 0) { if (db_num_rows($result) == 0) {
$result = db_query($link, $result = db_query($link,
"INSERT INTO ttrss_feeds "INSERT INTO ttrss_feeds