PEAK XOOPS - Security Alert: class/criteria.php in englishin japanese

Archive | RSS |
Site News
Site News : Security Alert: class/criteria.php
Poster : GIJOE on 2005-06-29 10:32:31 (11229 reads)

in englishin japanese
This is a serious report about almost version of XOOPS.
A missing of single quotation makes a big hole.
(I shall never write the details like POC)

I think it's EMERGENCY for users using XOOPS < 2.0.10-1JP or 2.0.12.

You can fix it easily with any version of XOOPS.
- Open class/criteria.php
- go to line 342
- find the function named render()
- remove like this


	/**
	 * Make a sql condition string
	 * 
	 * @return  string
	 **/
	function render() {
		if ( is_numeric($this->value) || in_array(strtoupper($this->operator), array('IN', 'NOT IN'))) {
			$value = $this->value;
		} else {
			if ( '' === ($value = trim($this->value)) ) {
				return '';
			}
			if ( (substr($value, 0, 1) != '`') && (substr($value, -1) != '`') ) {
				$value = "'$value'";
			}
		}
		$clause = (!empty($this->prefix) ? "{$this->prefix}." : "") . $this->column;
		if ( !empty($this->function) ) {
			$clause = sprintf($this->function, $clause);
		}
		$clause .= " {$this->operator} $value";
		return $clause;
	}

0 comments
Printer friendly page Send this story to a friend

Comments list

View more comments...
Login
Username or e-mail:

Password:

Remember Me

Lost Password?

Register now!