[HttpKernel] added escaping to the profiler SQLite storage

fabpot · fabpot · commit 10fee8c8bbd4 · 2011-01-08T14:29:59.000+01:00
diff --git a/src/Symfony/Bundle/WebProfilerBundle/Controller/ProfilerController.php b/src/Symfony/Bundle/WebProfilerBundle/Controller/ProfilerController.php
@@ -233,7 +233,7 @@ public function searchAction()
         $tokens = $profiler->find($ip, $url, $limit);
 
         $response = $this->container->get('response');
-        $response->setRedirect($this->container->get('router')->generate('_profiler_search_results', array('token' => $tokens[0]['token'])));
+        $response->setRedirect($this->container->get('router')->generate('_profiler_search_results', array('token' => $tokens ? $tokens[0]['token'] : '')));
 
         return $response;
     }
diff --git a/src/Symfony/Component/HttpKernel/Profiler/SQLiteProfilerStorage.php b/src/Symfony/Component/HttpKernel/Profiler/SQLiteProfilerStorage.php
@@ -40,19 +40,20 @@ public function __construct($store, $lifetime = 86400)
      */
     public function find($ip, $url, $limit)
     {
+        $db = $this->initDb();
+
         $criteria = array();
 
         if ($ip = preg_replace('/[^\d\.]/', '', $ip)) {
-            $criteria[] = ' ip LIKE "%'.$ip.'%"';
+            $criteria[] = " ip LIKE '%".$ip."%'";
         }
 
         if ($url) {
-            $criteria[] = ' url LIKE "%'.$url.'%"';
+            $criteria[] = " url LIKE '%".$db->escapeString($url)."%'";
         }
 
         $criteria = $criteria ? 'WHERE '.implode(' AND ', $criteria) : '';
 
-        $db = $this->initDb();
         $tokens = $this->fetch($db, 'SELECT token, ip, url, time FROM data '.$criteria.' ORDER BY time DESC LIMIT '.((integer) $limit));
         $this->close($db);
 

Original file line number	Diff line number	Diff line change
`@@ -233,7 +233,7 @@ public function searchAction()`
`233`	`233`	`$tokens = $profiler->find($ip, $url, $limit);`
`234`	`234`
`235`	`235`	`$response = $this->container->get('response');`
`236`		`- $response->setRedirect($this->container->get('router')->generate('_profiler_search_results', array('token' => $tokens[0]['token'])));`
	`236`	`+ $response->setRedirect($this->container->get('router')->generate('_profiler_search_results', array('token' => $tokens ? $tokens[0]['token'] : '')));`
`237`	`237`
`238`	`238`	`return $response;`
`239`	`239`	`}`
Original file line number	Diff line number	Diff line change
`@@ -40,19 +40,20 @@ public function __construct($store, $lifetime = 86400)`
`40`	`40`	`*/`
`41`	`41`	`public function find($ip, $url, $limit)`
`42`	`42`	`{`
	`43`	`+ $db = $this->initDb();`
	`44`	`+`
`43`	`45`	`$criteria = array();`
`44`	`46`
`45`	`47`	`if ($ip = preg_replace('/[^\d\.]/', '', $ip)) {`
`46`		`- $criteria[] = ' ip LIKE "%'.$ip.'%"';`
	`48`	`+ $criteria[] = " ip LIKE '%".$ip."%'";`
`47`	`49`	`}`
`48`	`50`
`49`	`51`	`if ($url) {`
`50`		`- $criteria[] = ' url LIKE "%'.$url.'%"';`
	`52`	`+ $criteria[] = " url LIKE '%".$db->escapeString($url)."%'";`
`51`	`53`	`}`
`52`	`54`
`53`	`55`	`$criteria = $criteria ? 'WHERE '.implode(' AND ', $criteria) : '';`
`54`	`56`
`55`		`- $db = $this->initDb();`
`56`	`57`	`$tokens = $this->fetch($db, 'SELECT token, ip, url, time FROM data '.$criteria.' ORDER BY time DESC LIMIT '.((integer) $limit));`
`57`	`58`	`$this->close($db);`
`58`	`59`