Fix SQL injection in read.php's - thanks, stjohns\!
acohn committed Apr 4, 2015
1 parent 4512e3f commit 57e4409
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions read.php
Expand Up @@ -71,7 +71,7 @@ interface_disp_page($page);
if (User::logged_in()) {
//TODO add searchname instead?
$page->url = add_param($page->url, 'searchnum', $searchnum);
$addtolist = (isset($_POST['addtolist']) ? $_POST['addtolist'] : false);
$addtolist = (isset($_POST['addtolist']) ? (bool)$_POST['addtolist'] : false);
// if person is manipulating which tier this plan is on their autoread list
if (isset($_POST['block_user'])) {
if ($_POST['block_user'] == 1) {
Expand All @@ -91,12 +91,12 @@ interface_disp_page($page);
$msg = new InfoText("User " . $planinfo[0][0] . " has been unblocked.");
}
$page->append($msg);
} else if ($addtolist == 1) {
$privlevel = (isset($_POST['privlevel']) ? $_POST['privlevel'] : 0);
} else if ($addtolist) {
$privlevel = (isset($_POST['privlevel']) ? (int)$_POST['privlevel'] : 0);
if ($privlevel == 0) {
mysql_query("DELETE FROM autofinger WHERE owner = '$idcookie' and interest = '$searchnum'");
$yay = new InfoText("User " . $planinfo[0][0] . " removed from your autoread list.");
} else {
} else if ($privlevel > 0 && $privlevel <= 3) {
mysql_query("INSERT INTO autofinger (owner, interest, priority) VALUES ('$idcookie', '$searchnum', '$privlevel') ON DUPLICATE KEY UPDATE priority=$privlevel");
$yay = new InfoText("User " . $planinfo[0][0] . " is now on your autoread list with priority level of " . $privlevel . ".");
}
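Review bot: The DELETE and INSERT queries still interpolate `$idcookie` and `$searchnum` straight into the SQL string, so the hole the title describes is only closed for `$privlevel`; neither of those two values is cast or escaped anywhere in this hunk, and where they are set lies outside it. If both are numeric ids, as the `searchnum` name and the ON DUPLICATE KEY update suggest, adding `$idcookie = (int)$idcookie;` and `$searchnum = (int)$searchnum;` before the first query closes that gap the same way; otherwise pass them through `mysql_real_escape_string()`, or better, move these queries to mysqli/PDO prepared statements since the `mysql_*` extension is deprecated. Separately, the new `else if ($privlevel > 0 && $privlevel <= 3)` has no else branch, so a value outside 1–3 silently does nothing and leaves `$yay` unassigned for whatever code uses it after the hunk; a final `else { $yay = new InfoText("Invalid priority level."); }` would make the rejection visible. The enclosing `if (User::logged_in())` block continues past the end of this hunk.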

