diff --git a/core/constant_inc.php b/core/constant_inc.php
index 50cea68385..1f42c411d6 100644
--- a/core/constant_inc.php
+++ b/core/constant_inc.php
@@ -195,6 +195,7 @@
 define( 'ERROR_HANDLER_ACCESS_TOO_LOW', 17 );
 define( 'ERROR_PAGE_REDIRECTION', 18 );
 define( 'ERROR_INVALID_REQUEST_METHOD', 19 );
+ define( 'ERROR_INVALID_SORT_FIELD', 20 );
 # ERROR_CONFIG_*
 define( 'ERROR_CONFIG_OPT_NOT_FOUND', 100 );
diff --git a/core/utility_api.php b/core/utility_api.php
index 4fe5d478bb..de39ff0df5 100644
--- a/core/utility_api.php
+++ b/core/utility_api.php
@@ -192,10 +192,20 @@ function multi_sort( $p_array, $p_key, $p_direction=ASCENDING ) {
 $t_factor = 1;
 }
+ if( empty( $p_array ) ) {
+ return $p_array;
+ }
+ if( !is_array( current($p_array ) ) ) {
+ error_parameters( 'tried to multisort an invalid multi-dimensional array' );
+ trigger_error(ERROR_GENERIC, ERROR);
+ }
+ // Security measure: see http://www.mantisbt.org/bugs/view.php?id=9704 for details
- if ( array_key_exists( $p_key, $p_array ) ) {
- $t_function = create_function( '$a, $b', "return $t_factor * strnatcasecmp( \$a['$p_key'], \$b['$p_key'] );" );
+ if( array_key_exists( $p_key, current($p_array) ) ) {
+ $t_function = create_function( '$a, $b', "return $t_factor * strnatcasecmp( \$a['" . $p_key . "'], \$b['" . $p_key . "'] );" );
 uasort( $p_array, $t_function );
+ } else {
+ trigger_error(ERROR_INVALID_SORT_FIELD, ERROR);
 }
 return $p_array;
 }
diff --git a/lang/strings_english.txt b/lang/strings_english.txt
index db37dc89e3..b888e49ae5 100644
--- a/lang/strings_english.txt
+++ b/lang/strings_english.txt
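Review bot: The sort key is still concatenated into the code string handed to `create_function()`, so the new `array_key_exists( $p_key, current($p_array) )` test is the only control between the (presumably caller-supplied) sort field and evaluated PHP, and it is weaker than it looks. `current()` depends on the array's internal pointer rather than always returning the first row; `reset( $p_array )` in both the `is_array` check and the key check would pin the test to the first row. Emitting the key as a literal with `var_export( $p_key, true )` instead of wrapping it in hand-written quotes would keep the generated code well-formed even when a legitimate key contains a quote or backslash. Both `trigger_error( ..., ERROR )` calls are followed by code that only makes sense if they never return (the key check on a non-array row, the unsorted `return $p_array`), so an explicit `return` after each is worth adding unless the error handler is known to halt. The start of multi_sort lies outside the hunk.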
@@ -301,6 +301,7 @@ $MANTIS_ERROR[ERROR_SESSION_HANDLER_INVALID] = 'Invalid session handler.';
 $MANTIS_ERROR[ERROR_SESSION_VAR_NOT_FOUND] = 'Session variable \'%s\' not found.';
 $MANTIS_ERROR[ERROR_FORM_TOKEN_INVALID] = 'Invalid form security token. Did you submit the form twice by accident?';
 $MANTIS_ERROR[ERROR_INVALID_REQUEST_METHOD] = 'This page cannot be accessed using this method.';
+$MANTIS_ERROR[ERROR_INVALID_SORT_FIELD] = 'Invalid sort field.';
 $s_login_error = 'Your account may be disabled or blocked or the username/password you entered is incorrect.';
 $s_login_cookies_disabled = 'Your browser either doesn\'t know how to handle cookies, or refuses to handle them.';