Revert "Fixed issue : Potential SQL security with array in param"

This reverts commit 39f8bfb.
LimeSurvey · Jun 14, 2013 · cd88e57 · cd88e57
1 parent e39a8f4
commit cd88e57
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 11 deletions.
diff --git a/application/helpers/common_helper.php b/application/helpers/common_helper.php
@@ -1601,16 +1601,17 @@ function fixMovedQuestionConditions($qid,$oldgid,$newgid) //Function rewrites th
 */
 function returnGlobal($stringname)
 {
-    $urlParam=Yii::app()->request->getParam($stringname);
-    if(!$urlParam && $aCookies=Yii::app()->request->getCookies()) // Get gookies (what for ? But used before)
+    if ($stringname=='sid') // don't read SID from a Cookie
     {
-        if(isset($aCookies[$stringname]))
-        {
-            $urlParam = $aCookies[$stringname];
-        }
+        if (isset($_GET[$stringname])) $urlParam = $_GET[$stringname];
+        if (isset($_POST[$stringname])) $urlParam = $_POST[$stringname];
+    }
+    elseif (isset($_REQUEST[$stringname]))
+    {
+        $urlParam = $_REQUEST[$stringname];
     }
 
-    if ($urlParam && is_string($urlParam))
+    if (isset($urlParam))
     {
         if ($stringname == 'sid' || $stringname == "gid" || $stringname == "oldqid" ||
         $stringname == "qid" || $stringname == "tid" ||

diff --git a/application/models/Survey.php b/application/models/Survey.php
@@ -342,10 +342,6 @@ public function deleteSurvey($iSurveyID, $recursive=true)
     }
 
     public function findByPk($pk, $condition = '', $params = array()) {
-        if(!is_int($pk))
-        {
-            return false;
-        }
         if (empty($condition) && empty($params)) {
             if (array_key_exists($pk, $this->findByPkCache)) {
                 return $this->findByPkCache[$pk];