
SECURITY Backporting MySQLDatabase->addslashes() to use mysql_real_es…

…cape_string() instead of the non-multibyte-safe addslashes() PHP function, and using it in Convert::raw2sql()
commit ca7878453f7b30305e0c703f9cdebfe7c04de017 1 parent b37836f
Ingo Schommer authored
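--- a/core/Convert.php
+++ b/core/Convert.php
@@ -104,9 +104,8 @@ static function raw2sql($val) {
 		if(is_array($val)) {
 			foreach($val as $k => $v) $val[$k] = self::raw2sql($v);
 			return $val;
-			
 		} else {
-			return addslashes($val);
+			return DB::getConn()->addslashes($val);
 		}
 	}
 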
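Review bot: raw2sql() now depends on DB::getConn() returning a connected Database object at call time, whereas the replaced addslashes() call needed no connection; if raw2sql() is reached before a connection exists (bootstrap code, CLI scripts, unit tests), DB::getConn()->addslashes() would presumably fail on a null object instead of escaping. Worth either documenting that precondition above the call, e.g. `// Requires an established DB connection: escaping is delegated to the driver so it can honour the connection charset`, or deciding explicitly what should happen without a connection rather than leaving it to a fatal error. The enclosing raw2sql() starts before this hunk.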
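--- a/core/model/Database.php
+++ b/core/model/Database.php
@@ -112,6 +112,14 @@
 	protected abstract function tableList();
 	
 	/**
+	 * Returns an escaped string.
+	 *
+	 * @param string
+	 * @return string - escaped string
+	 */
+	abstract function addslashes($val);
+	
+	/**
 	 * The table list, generated by the tableList() function.
 	 * Used by the requireTable() function.
 	 * @var array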
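Review bot: The new docblock's `@param string` line is missing the parameter name, and the contract is too thin for the subclasses that must implement it: it should say that the result is intended for embedding inside a quoted SQL string literal (it does not add the quotes itself) and that the escaping is expected to be aware of the connection's character set, which is the reason this abstraction replaces PHP's addslashes(). Suggested lines: `@param string $val Raw value to be embedded inside a quoted SQL string literal` and `@return string The value escaped for the current connection (charset-aware where the driver supports it)`.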
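--- a/core/model/MySQLDatabase.php
+++ b/core/model/MySQLDatabase.php
@@ -400,6 +400,13 @@ function databaseError($msg, $errorLevel = E_USER_ERROR) {
 		
 		user_error($msg, $errorLevel);
 	}
+	
+	/*
+	 * This will return text which has been escaped in a database-friendly manner.
+	 */
+	function addslashes($value){
+		return mysql_real_escape_string($value, $this->dbConn);
+	}
 }
 
 /**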
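Review bot: addslashes() hands `$this->dbConn` to mysql_real_escape_string() without checking that it is an open link; with an invalid or closed link the function emits a warning and returns false, which becomes an empty string when interpolated into a query, so a failed escape would go unnoticed. Suggest failing loudly instead, e.g. `if(!$this->dbConn) $this->databaseError('addslashes() called without an open database connection');` before the call. Note also that the escaping is only multibyte-safe to the extent the client library knows the connection's character set: if the charset is selected with a `SET NAMES` query rather than mysql_set_charset() (the connection setup is outside this hunk), the escaping may not match the server's interpretation, which is worth confirming. The comment opens with `/*` rather than `/**`, so it is not picked up as a docblock and does not document the parameter or return value.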
