From b797b97595408e14678a784f46518f281bf32ea5 Mon Sep 17 00:00:00 2001 From: Shish Date: Sun, 15 Nov 2009 05:32:14 +0000 Subject: [PATCH 1/2] some checks --- contrib/pools/main.php | 58 ++++++++++++++++++++---------------------- 1 file changed, 28 insertions(+), 30 deletions(-) diff --git a/contrib/pools/main.php b/contrib/pools/main.php index 8de48326..0afe5202 100644 --- a/contrib/pools/main.php +++ b/contrib/pools/main.php @@ -85,7 +85,7 @@ class Pools extends SimpleExtension { if(!$user->is_anonymous()) { $newPoolID = $this->add_pool(); $page->set_mode("redirect"); - $page->set_redirect(make_link("pool/view/".$newPoolID."")); + $page->set_redirect(make_link("pool/view/".$newPoolID)); } else { $this->theme->display_error("You must be registered and logged in to add a image."); } @@ -93,7 +93,7 @@ class Pools extends SimpleExtension { } case "view": { - $poolID = $event->get_arg(1); + $poolID = int_escape($event->get_arg(1)); $this->get_posts($event, $poolID); break; } @@ -105,7 +105,7 @@ class Pools extends SimpleExtension { case "revert": { if(!$user->is_anonymous()) { - $historyID = $event->get_arg(1); + $historyID = int_escape($event->get_arg(1)); $this->revert_history($historyID); @@ -116,7 +116,7 @@ class Pools extends SimpleExtension { } case "edit": { - $poolID = $event->get_arg(1); + $poolID = int_escape($event->get_arg(1)); $pools = $this->get_pool($poolID); foreach($pools as $pool) { @@ -125,7 +125,7 @@ class Pools extends SimpleExtension { $this->theme->edit_pool($page, $this->get_pool($poolID), $this->edit_posts($poolID)); } else { $page->set_mode("redirect"); - $page->set_redirect(make_link("pool/view/".$poolID."")); + $page->set_redirect(make_link("pool/view/".$poolID)); } } break; 
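Review bot: The `revert` branch in the `@@ -105` hunk still decides access on `!$user->is_anonymous()` alone, so any logged-in account can pass an arbitrary `$historyID` to revert_history; int_escape removes the injection vector but is not an authorization check. The case body continues past the hunk and revert_history is defined elsewhere, so an ownership test may live there — if it does not, load the history row and its pool first and refuse unless the caller owns that pool or is an admin, which is the rule the later nuke hunk states in its own comment. Whatever the outcome, a one-line comment at the call site saying where the permission check happens would stop the next reader from assuming the cast is the check.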
@@ -134,12 +134,12 @@ class Pools extends SimpleExtension { { $poolID = int_escape($_POST["pool_id"]); $page->set_mode("redirect"); - $page->set_redirect(make_link("pool/edit/".$poolID."")); + $page->set_redirect(make_link("pool/edit/".$poolID)); break; } case "order": { - $poolID = $event->get_arg(1); + $poolID = int_escape($event->get_arg(1)); $pools = $this->get_pool($poolID); foreach($pools as $pool) { @@ -325,7 +325,7 @@ class Pools extends SimpleExtension { (?, ?, ?, ?, now())", array($user->id, $public, $title, $description)); - $result = $database->get_row("SELECT LAST_INSERT_ID() AS poolID", array()); + $result = $database->get_row("SELECT LAST_INSERT_ID() AS poolID"); log_info("pools", "Pool {$result["poolID"]} created by {$user->name}"); @@ -338,8 +338,7 @@ class Pools extends SimpleExtension { return $database->get_all("SELECT * FROM pools WHERE id=?", array($poolID)); } - private function get_single_pool($poolID) - { + private function get_single_pool($poolID) { global $database; $poolID = int_escape($poolID); return $database->get_row("SELECT * FROM pools WHERE id=?", array($poolID)); @@ -351,7 +350,7 @@ class Pools extends SimpleExtension { private function get_pool_id($imageID) { global $database; $imageID = int_escape($imageID); - return $database->get_all("SELECT pool_id FROM pool_images WHERE image_id =?", array($imageID)); + return $database->get_all("SELECT pool_id FROM pool_images WHERE image_id=?", array($imageID)); } @@ -415,7 +414,7 @@ class Pools extends SimpleExtension { list ($imageORDER, $imageID) = $data; $imageID = int_escape($imageID); - $database->Execute("UPDATE pool_images SET image_order = ? WHERE pool_id = ? AND image_id = ?", array($imageORDER, $poolID, $imageID)); + $database->Execute("UPDATE pool_images SET image_order=? WHERE pool_id=? AND image_id=?", array($imageORDER, $poolID, $imageID)); } return $poolID; 
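Review bot: In the `@@ -415` hunk `$imageORDER` is bound to `image_order=?` straight out of `$data` while only `$imageID` goes through int_escape, so a non-numeric or oversized value in the submitted ordering is stored as whatever the driver coerces it to. Binding it as a parameter rules out injection, but for consistency with the adjacent cast add `$imageORDER = int_escape($imageORDER);` right after the `list()` line so the stored order is always an integer. The enclosing function, and the origin of the `$poolID` used in the same UPDATE, start before the hunk.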
@@ -433,8 +432,7 @@ class Pools extends SimpleExtension { $images = ""; foreach ($_POST['check'] as $imageID) { - $database->execute("DELETE FROM pool_images WHERE pool_id = ? AND image_id = ?", array($poolID, $imageID)); - + $database->execute("DELETE FROM pool_images WHERE pool_id=? AND image_id=?", array($poolID, $imageID)); $images .= " ".$imageID; } @@ -481,13 +479,13 @@ class Pools extends SimpleExtension { // WE CHECK IF THE EXTENSION RATING IS INSTALLED, WICH VERSION AND IF IT WORKS TO SHOW/HIDE SAFE, QUESTIONABLE, EXPLICIT AND UNRATED IMAGES FROM USER if($config->get_int("ext_ratings2_version") < 3) { - $result = $database->get_all("SELECT image_id ". - "FROM pool_images ". - "WHERE pool_id=? ". - "ORDER BY image_order ASC ". - "LIMIT ?, ?" - , array($poolID, $pageNumber * $imagesPerPage, $imagesPerPage)); - $totalPages = ceil($database->db->GetOne("SELECT COUNT(*) FROM pool_images WHERE pool_id=?",array($poolID)) / $imagesPerPage); + $result = $database->get_all("SELECT image_id + FROM pool_images + WHERE pool_id=? + ORDER BY image_order ASC + LIMIT ?, ?", + array($poolID, $pageNumber * $imagesPerPage, $imagesPerPage)); + $totalPages = ceil($database->db->GetOne("SELECT COUNT(*) FROM pool_images WHERE pool_id=?", array($poolID)) / $imagesPerPage); } if($config->get_int("ext_ratings2_version") >= 3) { 
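Review bot: In the `@@ -433` hunk each `$imageID` from `$_POST['check']` is bound into the DELETE and then appended raw to `$images`, which by its use in the later revert path looks like the history string that gets split on spaces; a client can therefore store arbitrary text in that history even though the DELETE itself is parameterized. Add `$imageID = int_escape($imageID);` as the first statement of the loop, matching what the `@@ -415` hunk in the same patch does on the ordering path. The enclosing function starts before the hunk, so the provenance of `$poolID` is not visible here.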
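Review bot: The `@@ -481` hunk binds `$pageNumber * $imagesPerPage` and `$imagesPerPage` to `LIMIT ?, ?`, but the types of those values are set before the hunk and are not visible; the `$database->db->GetOne` call on the next line suggests a wrapper whose parameter binding is emulated by quoting strings, and MySQL rejects a quoted LIMIT operand such as `LIMIT '0', '20'` as a syntax error. Casting at the bind site, `array($poolID, (int)($pageNumber * $imagesPerPage), (int)$imagesPerPage)`, makes the query independent of how callers typed those values. The enclosing function starts before the hunk.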
@@ -506,15 +504,15 @@ class Pools extends SimpleExtension { } $rating = join(', ', $arr); - $result = $database->get_all("SELECT p.image_id ". - "FROM pool_images AS p ". - "INNER JOIN images AS i ". - "ON i.id = p.image_id ". - "WHERE p.pool_id = ? ". - "AND i.rating IN ($rating) ". - "ORDER BY p.image_order ASC ". - "LIMIT ?, ?" - , array($poolID, $pageNumber * $imagesPerPage, $imagesPerPage)); + $result = $database->get_all("SELECT p.image_id + FROM pool_images AS p + INNER JOIN images AS i + ON i.id = p.image_id + WHERE p.pool_id = ? + AND i.rating IN ($rating) + ORDER BY p.image_order ASC + LIMIT ?, ?", + array($poolID, $pageNumber * $imagesPerPage, $imagesPerPage)); $totalPages = ceil($database->db->GetOne("SELECT COUNT(*) ". "FROM pool_images AS p ". From 57b2a4df9e57ab1cdf56197f5d93c6458861db20 Mon Sep 17 00:00:00 2001 From: Shish Date: Sun, 15 Nov 2009 06:31:18 +0000 Subject: [PATCH 2/2] some escapes --- contrib/pools/main.php | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/contrib/pools/main.php b/contrib/pools/main.php index 0afe5202..51474139 100644 --- a/contrib/pools/main.php +++ b/contrib/pools/main.php @@ -217,7 +217,7 @@ class Pools extends SimpleExtension { } case "nuke": { - $pool_id = $event->get_arg(1); + $pool_id = int_escape($event->get_arg(1)); $pool = $this->get_single_pool($pool_id); // only admins and owners may do this @@ -277,7 +277,7 @@ class Pools extends SimpleExtension { private function list_pools(Page $page, $event) { global $config, $database; - $pageNumber = $event->get_arg(1); + $pageNumber = int_escape($event->get_arg(1)); if(is_null($pageNumber) || !is_numeric($pageNumber)) $pageNumber = 0; else if ($pageNumber <= 0) 
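Review bot: The `@@ -506` hunk keeps `AND i.rating IN ($rating)` interpolated into the SQL while every other value is bound, and `$arr`, from which `$rating` is joined, is built before the hunk so its contents cannot be checked here. That is safe only if every element of `$arr` is a fixed, already-quoted literal; if any of it derives from request or configuration data, bind it instead: `$in = join(', ', array_fill(0, count($arr), '?'));`, use `AND i.rating IN ($in)`, and pass `array_merge(array($poolID), $arr, array($pageNumber * $imagesPerPage, $imagesPerPage))`. The COUNT query that follows uses the same list and starts inside the hunk but runs past it, so it would need the same treatment.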
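Review bot: In the `@@ -277` hunk the new int_escape on `$pageNumber` makes the following `is_null($pageNumber) || !is_numeric($pageNumber)` test dead, assuming int_escape returns an integer (0 for non-numeric input) as its name suggests — worth confirming against its definition. If so, the guard collapses to the `<= 0` branch, `if($pageNumber <= 0) $pageNumber = 0;`, followed by the existing else, whose body lies past the hunk. Leaving the stale checks in place invites a reader to assume get_arg output still reaches the query unnormalized.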
@@ -366,7 +366,7 @@ class Pools extends SimpleExtension { $poolsMaxResults = $config->get_int("poolsMaxImportResults", 1000); - $images = $images = Image::find_images(0, $poolsMaxResults, Tag::explode($pool_tag)); + $images = Image::find_images(0, $poolsMaxResults, Tag::explode($pool_tag)); $this->theme->pool_result($page, $images, $pool_id); } @@ -382,7 +382,6 @@ class Pools extends SimpleExtension { $images = ""; foreach ($_POST['check'] as $imageID) { - if(!$this->check_post($poolID, $imageID)) { $database->execute(" INSERT INTO pool_images @@ -393,7 +392,6 @@ class Pools extends SimpleExtension { $images .= " ".$imageID; } - } if(!strlen($images) == 0) { @@ -668,8 +666,7 @@ class Pools extends SimpleExtension { global $database; $status = $database->get_all("SELECT * FROM pool_history WHERE id=?", array($historyID)); - foreach ($status as $entry) - { + foreach ($status as $entry) { $images = trim($entry['images']); $images = explode(" ", $images); $poolID = $entry['pool_id'];
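Review bot: The `@@ -382` hunk drops the `if(!$this->check_post($poolID, $imageID))` guard, so submitting an image that is already in the pool now runs the INSERT into pool_images unconditionally and produces a duplicate row unless the table has a unique key on (pool_id, image_id), which is not visible here. Either restore the check or confirm the constraint exists and handle the duplicate-key failure, since the history line built from `$images` would otherwise record the id twice as well. `$imageID` still comes straight from `$_POST['check']` in this loop; `$imageID = int_escape($imageID);` at the top keeps both the bound value and the history string numeric. The INSERT statement and the enclosing function extend past the hunk.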