|
63 | 63 | $db_server = trim($_SESSION['databasehost']); |
64 | 64 | $db_server = preg_replace($san,'',$db_server); |
65 | 65 |
|
66 | | -$db_admin_name = trim($_SESSION['databaseloginname']); |
67 | | -$db_admin_name = preg_replace($san,'',$db_admin_name); |
68 | | - |
69 | 66 | $db_admin_pass = trim($_SESSION['databaseloginpassword']); |
70 | 67 | $db_admin_pass = preg_replace($san,'',$db_admin_pass); |
71 | 68 |
|
72 | 69 | $db_type = trim($_SESSION['databasetype']); |
73 | 70 | $db_type = preg_replace($san,'',$db_type); |
74 | 71 |
|
75 | | -$tl_db_login = trim($_SESSION['tl_loginname']); |
76 | | -$tl_db_login = preg_replace($san,'',$tl_db_login); |
77 | | - |
78 | 72 | $tl_db_passwd = trim($_SESSION['tl_loginpassword']); |
79 | 73 | $tl_db_passwd = preg_replace($san,'',$tl_db_passwd); |
80 | 74 |
|
81 | 75 |
|
| 76 | +// will limit length to avoi some kind of injection |
| 77 | +// Choice: 32 |
| 78 | +$tl_db_login = trim($_SESSION['tl_loginname']); |
| 79 | +$tl_db_login = substr(preg_replace($san,'',$tl_db_login),0,32); |
| 80 | + |
| 81 | +$db_admin_name = trim($_SESSION['databaseloginname']); |
| 82 | +$db_admin_name = substr(preg_replace($san,'',$db_admin_name),0,32); |
| 83 | + |
| 84 | + |
82 | 85 |
|
83 | 86 | $sql_create_schema = array(); |
84 | 87 | $sql_create_schema[] = "sql/{$db_type}/testlink_create_tables.sql"; |
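Review bot: Cutting `$tl_db_login` and `$db_admin_name` to 32 bytes with `substr` (new lines 79 and 82) bounds the length but does not stop injection; a hostile value that `$san` lets through at 31 characters is passed on unchanged, so whatever query or config write consumes these names outside this hunk still needs parameterisation or driver-side quoting, and the comment should not suggest otherwise. `substr` is byte-wise and can split a multi-byte UTF-8 name mid-sequence, leaving an invalid string; `mb_substr(preg_replace($san, '', $tl_db_login), 0, 32)` avoids that. The bound is a magic number repeated twice — name it once, e.g. `$max_db_login_len = 32;`, and record its basis (it appears to match MySQL's user-name limit, but other engines selected via `$db_type` may allow longer names, so legitimate names could be silently shortened). I would also replace the comment on new lines 76-77 with `// Cap DB login names at 32 chars; this only bounds length — the consuming query must still escape/parameterise them`. `$san` is defined outside the hunk, so I could not confirm what it strips.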
|