summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBenny Baumann <BenBE@geshi.org>2013-06-11 22:33:34 +0200
committerBenny Baumann <BenBE@geshi.org>2013-06-11 22:33:34 +0200
commit216271b2501cba5ac2724c56588fa62c725d1d69 (patch)
tree92ac053ba899c2195f411eff5bd8d01cb869c337
parent0913b852c9e7a335cc2700f6f7d573565218c9dc (diff)
parentf0318d79dbc69e444fee4c085cdb3ee152318e1c (diff)
downloadcacert-devel-216271b2501cba5ac2724c56588fa62c725d1d69.tar.gz
cacert-devel-216271b2501cba5ac2724c56588fa62c725d1d69.tar.xz
cacert-devel-216271b2501cba5ac2724c56588fa62c725d1d69.zip
Merge branch 'bug-1162' into testserver-stable
Conflicts: www/wot.php
-rw-r--r--includes/lib/general.php4
-rw-r--r--pages/account/41.php2
-rw-r--r--pages/account/43.php8
-rw-r--r--pages/account/49.php2
-rw-r--r--pages/account/53.php2
-rw-r--r--pages/account/54.php2
-rw-r--r--pages/wot/12.php6
-rw-r--r--pages/wot/13.php6
-rw-r--r--tverify/index.php10
-rw-r--r--www/alert_hash_collision.php8
-rw-r--r--www/api/cemails.php4
-rw-r--r--www/api/edu.php2
-rw-r--r--www/disputes.php20
-rw-r--r--www/index.php54
-rw-r--r--www/verify.php4
-rw-r--r--www/wot.php20
16 files changed, 77 insertions, 77 deletions
diff --git a/includes/lib/general.php b/includes/lib/general.php
index 85b132d..32a24bc 100644
--- a/includes/lib/general.php
+++ b/includes/lib/general.php
@@ -32,9 +32,9 @@
function get_user_id_from_cert($serial, $issuer_cn)
{
$query = "select `memid` from `emailcerts` where
- `serial`='".mysql_escape_string($serial)."' and
+ `serial`='".mysql_real_escape_string($serial)."' and
`rootcert`= (select `id` from `root_certs` where
- `Cert_Text`='".mysql_escape_string($issuer_cn)."') and
+ `Cert_Text`='".mysql_real_escape_string($issuer_cn)."') and
`revoked`=0 and disablelogin=0 and
UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0";
$res = mysql_query($query);
diff --git a/pages/account/41.php b/pages/account/41.php
index d61d8db..f644025 100644
--- a/pages/account/41.php
+++ b/pages/account/41.php
@@ -57,7 +57,7 @@ require_once($_SESSION['_config']['filepath'].'/includes/lib/l10n.php');
$res = mysql_query($query);
while($row = mysql_fetch_assoc($res))
{
- $lang = mysql_fetch_assoc(mysql_query("select * from `languages` where `locale`='".mysql_escape_string($row['lang'])."'"));
+ $lang = mysql_fetch_assoc(mysql_query("select * from `languages` where `locale`='".mysql_real_escape_string($row['lang'])."'"));
?>
<tr>
<td class="DataTD"><?=_("Additional Language")?>:</td>
diff --git a/pages/account/43.php b/pages/account/43.php
index eb18926..94dfde6 100644
--- a/pages/account/43.php
+++ b/pages/account/43.php
@@ -21,7 +21,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
if(array_key_exists('assurance',$_REQUEST) && $_REQUEST['assurance'] > 0)
{
- $assurance = mysql_escape_string(intval($_REQUEST['assurance']));
+ $assurance = mysql_real_escape_string(intval($_REQUEST['assurance']));
$row = 0;
$res = mysql_query("select `to` from `notary` where `id`='$assurance'");
if ($res) {
@@ -35,7 +35,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
if(intval(array_key_exists('userid',$_REQUEST)?$_REQUEST['userid']:0) <= 0)
{
- $emailsearch = $email = mysql_escape_string(stripslashes($_REQUEST['email']));
+ $emailsearch = $email = mysql_real_escape_string(stripslashes($_REQUEST['email']));
//Disabled to speed up the queries
//if(!strstr($email, "%"))
@@ -300,7 +300,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
</table>
<br><?
$query = "select * from `email` where `memid`='".intval($row['id'])."' and `deleted`=0 and `hash`=''
- and `email`!='".mysql_escape_string($row['email'])."'";
+ and `email`!='".mysql_real_escape_string($row['email'])."'";
$dres = mysql_query($query);
if(mysql_num_rows($dres) > 0) { ?>
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
@@ -377,7 +377,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php");
4. users.email = primary-email
--- Assurer, assure someone find user query
- select * from `users` where `email`='".mysql_escape_string(stripslashes($_POST['email']))."'
+ select * from `users` where `email`='".mysql_real_escape_string(stripslashes($_POST['email']))."'
and `deleted`=0
=> requirements
1. users.deleted = 0
diff --git a/pages/account/49.php b/pages/account/49.php
index 0218fa0..fed1cb9 100644
--- a/pages/account/49.php
+++ b/pages/account/49.php
@@ -19,7 +19,7 @@
$userid=0; if(array_key_exists('userid',$_GET)) $userid=intval($_GET['userid']);
if($userid <= 0)
{
- $domainsearch = $domain = mysql_escape_string(stripslashes($_POST['domain']));
+ $domainsearch = $domain = mysql_real_escape_string(stripslashes($_POST['domain']));
if(!strstr($domain, "%"))
$domainsearch = "%$domain%";
if(preg_match("/^\d+$/",$domain))
diff --git a/pages/account/53.php b/pages/account/53.php
index cc9e2d6..1ec04b2 100644
--- a/pages/account/53.php
+++ b/pages/account/53.php
@@ -16,7 +16,7 @@
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/ ?>
<?
- $town = array_key_exists('town',$_REQUEST)?mysql_escape_string(stripslashes($_REQUEST['town'])):"";
+ $town = array_key_exists('town',$_REQUEST)?mysql_real_escape_string(stripslashes($_REQUEST['town'])):"";
$regid = array_key_exists('regid',$_REQUEST)?intval($_REQUEST['regid']):0;
$ccid = array_key_exists('ccid',$_REQUEST)?intval($_REQUEST['ccid']):0;
$start = array_key_exists('start',$_REQUEST)?intval($_REQUEST['start']):0;
diff --git a/pages/account/54.php b/pages/account/54.php
index 753b4af..35dce33 100644
--- a/pages/account/54.php
+++ b/pages/account/54.php
@@ -19,7 +19,7 @@
$ccid = array_key_exists('ccid',$_REQUEST)?intval($_REQUEST['ccid']):0;
$regid = array_key_exists('regid',$_REQUEST)?intval($_REQUEST['regid']):0;
$locid = array_key_exists('locid',$_REQUEST)?intval($_REQUEST['locid']):0;
- $name = array_key_exists('name',$_REQUEST)?mysql_escape_string($_REQUEST['name']):"";
+ $name = array_key_exists('name',$_REQUEST)?mysql_real_escape_string($_REQUEST['name']):"";
if($ccid > 0 && $_REQUEST['action'] == "add") { ?>
<form method="post" action="account.php">
diff --git a/pages/wot/12.php b/pages/wot/12.php
index a0bbf50..e6b20ca 100644
--- a/pages/wot/12.php
+++ b/pages/wot/12.php
@@ -65,9 +65,9 @@ document.f.location.focus();
{
$bits = explode(",", $_REQUEST['location']);
- $loc = trim(mysql_escape_string($bits['0']));
- $reg = ""; if(array_key_exists('1',$bits)) $reg=trim(mysql_escape_string($bits['1']));
- $ccname = ""; if(array_key_exists('2',$bits)) $ccname=trim(mysql_escape_string($bits['2']));
+ $loc = trim(mysql_real_escape_string($bits['0']));
+ $reg = ""; if(array_key_exists('1',$bits)) $reg=trim(mysql_real_escape_string($bits['1']));
+ $ccname = ""; if(array_key_exists('2',$bits)) $ccname=trim(mysql_real_escape_string($bits['2']));
$query = "select `locations`.`id` as `locid` from `locations`, `regions`, `countries` where
`locations`.`name` like '$loc%' and `regions`.`name` like '$reg%' and `countries`.`name` like '$ccname%' and
diff --git a/pages/wot/13.php b/pages/wot/13.php
index eac7e18..1143769 100644
--- a/pages/wot/13.php
+++ b/pages/wot/13.php
@@ -21,9 +21,9 @@ if(array_key_exists('location',$_REQUEST) && $_REQUEST['location'] != "") {
{
$bits = explode(",", $_REQUEST['location']);
- $loc = trim(mysql_escape_string($bits['0']));
- $reg = ''; if(array_key_exists('1',$bits)) $reg=trim(mysql_escape_string($bits['1']));
- $ccname = ''; if(array_key_exists('2',$bits)) $ccname=trim(mysql_escape_string($bits['2']));
+ $loc = trim(mysql_real_escape_string($bits['0']));
+ $reg = ''; if(array_key_exists('1',$bits)) $reg=trim(mysql_real_escape_string($bits['1']));
+ $ccname = ''; if(array_key_exists('2',$bits)) $ccname=trim(mysql_real_escape_string($bits['2']));
$query = "select `locations`.`id` as `locid` from `locations`, `regions`, `countries` where
`locations`.`name` like '$loc%' and `regions`.`name` like '$reg%' and `countries`.`name` like '$ccname%' and
`locations`.`regid`=`regions`.`id` and `locations`.`ccid`=`countries`.`id`
diff --git a/tverify/index.php b/tverify/index.php
index 8976341..d3a0fd5 100644
--- a/tverify/index.php
+++ b/tverify/index.php
@@ -49,10 +49,10 @@
if($id == 1)
{
- $email = mysql_escape_string(trim($_REQUEST["email"]));
- $password = mysql_escape_string(stripslashes(trim($_REQUEST["pword"])));
- $URL = mysql_escape_string(trim($_REQUEST["notaryURL"]));
- $CN = mysql_escape_string($_SESSION['_config']['CN']);
+ $email = mysql_real_escape_string(trim($_REQUEST["email"]));
+ $password = mysql_real_escape_string(stripslashes(trim($_REQUEST["pword"])));
+ $URL = mysql_real_escape_string(trim($_REQUEST["notaryURL"]));
+ $CN = mysql_real_escape_string($_SESSION['_config']['CN']);
$memid = intval($_SESSION['_config']['uid']);
$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$memid'"));
$tmp = mysql_fetch_assoc(mysql_query("select sum(`points`) as `points` from `notary` where `to`='$memid'"));
@@ -99,7 +99,7 @@
if($nofile == 0)
{
$filename = $photoid['tmp_name'];
- $newfile = mysql_escape_string('/www/photoid/'.$tverify.".".$ext);
+ $newfile = mysql_real_escape_string('/www/photoid/'.$tverify.".".$ext);
move_uploaded_file($filename, $newfile);
$query = "update `tverify` set `photoid`='$newfile' where `id`='$tverify'";
mysql_query($query);
diff --git a/www/alert_hash_collision.php b/www/alert_hash_collision.php
index bad60e8..f5eaa9c 100644
--- a/www/alert_hash_collision.php
+++ b/www/alert_hash_collision.php
@@ -14,13 +14,13 @@ if (!preg_match('/^(mem|org)-[0-9]+$/', @$_POST['usernym']))
if (preg_match('/^mem-[0-9]+$/', @$_POST['usernym']))
{
- mysql_query("update emailcerts set coll_found=1 where memid='".mysql_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';");
- mysql_query("update domaincerts set coll_found=1 where memid='".mysql_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';");
+ mysql_query("update emailcerts set coll_found=1 where memid='".mysql_real_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';");
+ mysql_query("update domaincerts set coll_found=1 where memid='".mysql_real_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';");
}
else
{
- mysql_query("update orgemailcerts set coll_found=1 where memid='".mysql_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';");
- mysql_query("update orgdomaincerts set coll_found=1 where memid='".mysql_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';");
+ mysql_query("update orgemailcerts set coll_found=1 where memid='".mysql_real_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';");
+ mysql_query("update orgdomaincerts set coll_found=1 where memid='".mysql_real_escape_string(substr(@$_POST['usernym'],4))."' and pkhash!='' and pkhash='".$_POST['pkhash']."';");
}
//exec(REPORT_WEAK . ' ' . $_POST['usernym'] . ' ' . lower($_POST['pkhash']));
diff --git a/www/api/cemails.php b/www/api/cemails.php
index 0d067ea..bdb3363 100644
--- a/www/api/cemails.php
+++ b/www/api/cemails.php
@@ -15,8 +15,8 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
- $username = mysql_escape_string($_REQUEST['username']);
- $password = mysql_escape_string($_REQUEST['password']);
+ $username = mysql_real_escape_string($_REQUEST['username']);
+ $password = mysql_real_escape_string($_REQUEST['password']);
$query = "select * from `users` where `email`='$username' and (`password`=old_password('$password') or `password`=sha1('$password'))";
$res = mysql_query($query);
diff --git a/www/api/edu.php b/www/api/edu.php
index 27b7b1b..80a4e79 100644
--- a/www/api/edu.php
+++ b/www/api/edu.php
@@ -20,7 +20,7 @@
if ($ipadress=='72.36.220.19' && $_SERVER['HTTPS']=="on")
{
- $serial=mysql_escape_string($_REQUEST["serial"]);
+ $serial=mysql_real_escape_string($_REQUEST["serial"]);
$root=intval($_REQUEST["root"]);
$sql="select memid from emailcerts where serial='$serial' and rootcert='$root'";
diff --git a/www/disputes.php b/www/disputes.php
index 88a8525..0c16f6c 100644
--- a/www/disputes.php
+++ b/www/disputes.php
@@ -28,7 +28,7 @@
if($type == "reallyemail")
{
$emailid = intval($_SESSION['_config']['emailid']);
- $hash = mysql_escape_string(trim($_SESSION['_config']['hash']));
+ $hash = mysql_real_escape_string(trim($_SESSION['_config']['hash']));
$res = mysql_query("select * from `disputeemail` where `id`='$emailid' and `hash`='$hash'");
if(mysql_num_rows($res) <= 0)
@@ -81,7 +81,7 @@
if($type == "email")
{
$emailid = intval($_REQUEST['emailid']);
- $hash = trim(mysql_escape_string(stripslashes($_REQUEST['hash'])));
+ $hash = trim(mysql_real_escape_string(stripslashes($_REQUEST['hash'])));
if($emailid <= 0 || $hash == "")
{
showheader(_("Email Dispute"));
@@ -127,7 +127,7 @@
if($type == "reallydomain")
{
$domainid = intval($_SESSION['_config']['domainid']);
- $hash = mysql_escape_string(trim($_SESSION['_config']['hash']));
+ $hash = mysql_real_escape_string(trim($_SESSION['_config']['hash']));
$res = mysql_query("select * from `disputedomain` where `id`='$domainid' and `hash`='$hash'");
if(mysql_num_rows($res) <= 0)
@@ -168,7 +168,7 @@
if($type == "domain")
{
$domainid = intval($_REQUEST['domainid']);
- $hash = trim(mysql_escape_string(stripslashes($_REQUEST['hash'])));
+ $hash = trim(mysql_real_escape_string(stripslashes($_REQUEST['hash'])));
if($domainid <= 0 || $hash == "")
{
showheader(_("Domain Dispute"));
@@ -214,7 +214,7 @@
if($oldid == "1")
{
csrf_check('emaildispute');
- $email = trim(mysql_escape_string(stripslashes($_REQUEST['dispute'])));
+ $email = trim(mysql_real_escape_string(stripslashes($_REQUEST['dispute'])));
if($email == "")
{
showheader(_("Email Dispute"));
@@ -290,7 +290,7 @@
if($oldid == "2")
{
csrf_check('domaindispute');
- $domain = trim(mysql_escape_string(stripslashes($_REQUEST['dispute'])));
+ $domain = trim(mysql_real_escape_string(stripslashes($_REQUEST['dispute'])));
if($domain == "")
{
showheader(_("Domain Dispute"));
@@ -355,7 +355,7 @@
$bits = explode(":", $line, 2);
$line = trim($bits[1]);
if(!in_array($line, $addy) && $line != "")
- $addy[] = trim(mysql_escape_string(stripslashes($line)));
+ $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
}
} else {
if(is_array($adds))
@@ -372,7 +372,7 @@
$line = $bit;
}
if(!in_array($line, $addy) && $line != "")
- $addy[] = trim(mysql_escape_string(stripslashes($line)));
+ $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
}
}
@@ -389,7 +389,7 @@
if($oldid == "5")
{
- $authaddy = trim(mysql_escape_string(stripslashes($_REQUEST['authaddy'])));
+ $authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));
if(!in_array($authaddy, $_SESSION['_config']['addy']) || $authaddy == "")
{
@@ -412,7 +412,7 @@
$domainid = intval($_SESSION['_config']['domainid']);
$memid = intval($_SESSION['_config']['memid']);
$oldmemid = intval($_SESSION['_config']['oldmemid']);
- $domain = mysql_escape_string($_SESSION['_config']['domain']);
+ $domain = mysql_real_escape_string($_SESSION['_config']['domain']);
$hash = make_hash();
$query = "insert into `disputedomain` set `domain`='$domain',`memid`='".$_SESSION['profile']['id']."',
diff --git a/www/index.php b/www/index.php
index c7cc03e..a3a2c14 100644
--- a/www/index.php
+++ b/www/index.php
@@ -53,7 +53,7 @@ require_once('../includes/lib/l10n.php');
$oldid = 0;
if(array_key_exists('Q1',$_REQUEST) && $_REQUEST['Q1'])
{
- $_SESSION['lostpw']['A1'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A1']))));
+ $_SESSION['lostpw']['A1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A1']))));
if(stripslashes(strtolower($_SESSION['lostpw']['A1'])) == strtolower($_SESSION['lostpw']['user']['A1']))
$answers++;
@@ -61,7 +61,7 @@ require_once('../includes/lib/l10n.php');
}
if(array_key_exists('Q2',$_REQUEST) && $_REQUEST['Q2'])
{
- $_SESSION['lostpw']['A2'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A2']))));
+ $_SESSION['lostpw']['A2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A2']))));
if(stripslashes(strtolower($_SESSION['lostpw']['A2'])) == strtolower($_SESSION['lostpw']['user']['A2']))
$answers++;
@@ -69,7 +69,7 @@ require_once('../includes/lib/l10n.php');
}
if(array_key_exists('Q3',$_REQUEST) && $_REQUEST['Q3'])
{
- $_SESSION['lostpw']['A3'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A3']))));
+ $_SESSION['lostpw']['A3'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A3']))));
if(stripslashes(strtolower($_SESSION['lostpw']['A3'])) == strtolower($_SESSION['lostpw']['user']['A3']))
$answers++;
@@ -77,7 +77,7 @@ require_once('../includes/lib/l10n.php');
}
if(array_key_exists('Q4',$_REQUEST) && $_REQUEST['Q4'])
{
- $_SESSION['lostpw']['A4'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A4']))));
+ $_SESSION['lostpw']['A4'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A4']))));
if(stripslashes(strtolower($_SESSION['lostpw']['A4'])) == strtolower($_SESSION['lostpw']['user']['A4']))
$answers++;
@@ -85,15 +85,15 @@ require_once('../includes/lib/l10n.php');
}
if(array_key_exists('Q5',$_REQUEST) && $_REQUEST['Q5'])
{
- $_SESSION['lostpw']['A5'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A5']))));
+ $_SESSION['lostpw']['A5'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A5']))));
if(stripslashes(strtolower($_SESSION['lostpw']['A5'])) == strtolower($_SESSION['lostpw']['user']['A5']))
$answers++;
$body .= "System: ".$_SESSION['lostpw']['user']['A5']."\nEntered: ".stripslashes(strip_tags($_SESSION['lostpw']['A5']))."\n";
}
- $_SESSION['lostpw']['pw1'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['newpass1']))));
- $_SESSION['lostpw']['pw2'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['newpass2']))));
+ $_SESSION['lostpw']['pw1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['newpass1']))));
+ $_SESSION['lostpw']['pw2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['newpass2']))));
if($answers < $_SESSION['lostpw']['total'] || $answers < 3)
{
@@ -130,7 +130,7 @@ require_once('../includes/lib/l10n.php');
if($oldid == 5 && $process != "")
{
- $email = $_SESSION['lostpw']['email'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['email']))));
+ $email = $_SESSION['lostpw']['email'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['email']))));
$_SESSION['lostpw']['day'] = intval($_REQUEST['day']);
$_SESSION['lostpw']['month'] = intval($_REQUEST['month']);
$_SESSION['lostpw']['year'] = intval($_REQUEST['year']);
@@ -251,8 +251,8 @@ require_once('../includes/lib/l10n.php');
$_SESSION['_config']['errmsg'] = "";
- $email = mysql_escape_string(stripslashes(strip_tags(trim($_REQUEST['email']))));
- $pword = mysql_escape_string(stripslashes(trim($_REQUEST['pword'])));
+ $email = mysql_real_escape_string(stripslashes(strip_tags(trim($_REQUEST['email']))));
+ $pword = mysql_real_escape_string(stripslashes(trim($_REQUEST['pword'])));
$query = "select * from `users` where `email`='$email' and (`password`=old_password('$pword') or `password`=sha1('$pword') or
`password`=password('$pword')) and `verified`=1 and `deleted`=0 and `locked`=0";
$res = mysql_query($query);
@@ -358,26 +358,26 @@ require_once('../includes/lib/l10n.php');
$_SESSION['_config']['errmsg'] = "";
- $_SESSION['signup']['email'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['email']))));
- $_SESSION['signup']['fname'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
- $_SESSION['signup']['mname'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
- $_SESSION['signup']['lname'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
- $_SESSION['signup']['suffix'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
+ $_SESSION['signup']['email'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['email']))));
+ $_SESSION['signup']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
+ $_SESSION['signup']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
+ $_SESSION['signup']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
+ $_SESSION['signup']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
$_SESSION['signup']['day'] = intval($_REQUEST['day']);
$_SESSION['signup']['month'] = intval($_REQUEST['month']);
$_SESSION['signup']['year'] = intval($_REQUEST['year']);
- $_SESSION['signup']['pword1'] = trim(mysql_escape_string(stripslashes($_REQUEST['pword1'])));
- $_SESSION['signup']['pword2'] = trim(mysql_escape_string(stripslashes($_REQUEST['pword2'])));
- $_SESSION['signup']['Q1'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['Q1']))));
- $_SESSION['signup']['Q2'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['Q2']))));
- $_SESSION['signup']['Q3'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['Q3']))));
- $_SESSION['signup']['Q4'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['Q4']))));
- $_SESSION['signup']['Q5'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['Q5']))));
- $_SESSION['signup']['A1'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A1']))));
- $_SESSION['signup']['A2'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A2']))));
- $_SESSION['signup']['A3'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A3']))));
- $_SESSION['signup']['A4'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A4']))));
- $_SESSION['signup']['A5'] = trim(mysql_escape_string(stripslashes(strip_tags($_REQUEST['A5']))));
+ $_SESSION['signup']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
+ $_SESSION['signup']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));
+ $_SESSION['signup']['Q1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q1']))));
+ $_SESSION['signup']['Q2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q2']))));
+ $_SESSION['signup']['Q3'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q3']))));
+ $_SESSION['signup']['Q4'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q4']))));
+ $_SESSION['signup']['Q5'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q5']))));
+ $_SESSION['signup']['A1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A1']))));
+ $_SESSION['signup']['A2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A2']))));
+ $_SESSION['signup']['A3'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A3']))));
+ $_SESSION['signup']['A4'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A4']))));
+ $_SESSION['signup']['A5'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A5']))));
$_SESSION['signup']['general'] = intval(array_key_exists('general',$_REQUEST)?$_REQUEST['general']:0);
$_SESSION['signup']['country'] = intval(array_key_exists('country',$_REQUEST)?$_REQUEST['country']:0);
$_SESSION['signup']['regional'] = intval(array_key_exists('regional',$_REQUEST)?$_REQUEST['regional']:0);
diff --git a/www/verify.php b/www/verify.php
index 6f603e4..2e409b6 100644
--- a/www/verify.php
+++ b/www/verify.php
@@ -43,7 +43,7 @@
{
$id = 1;
$emailid = intval($_REQUEST['emailid']);
- $hash = mysql_escape_string(stripslashes($_REQUEST['hash']));
+ $hash = mysql_real_escape_string(stripslashes($_REQUEST['hash']));
$query = "select * from `email` where `id`='$emailid' and hash!='' and deleted=0";
$res = mysql_query($query);
@@ -101,7 +101,7 @@
{
$id = 7;
$domainid = intval($_REQUEST['domainid']);
- $hash = mysql_escape_string(stripslashes($_REQUEST['hash']));
+ $hash = mysql_real_escape_string(stripslashes($_REQUEST['hash']));
$query = "select * from `domains` where `id`='$domainid' and hash!='' and deleted=0";
$res = mysql_query($query);
diff --git a/www/wot.php b/www/wot.php
index ae3b4fb..5a96fac 100644
--- a/www/wot.php
+++ b/www/wot.php
@@ -182,7 +182,7 @@ function send_reminder()
if($oldid == 5)
{
- $query = "select * from `users` where `email`='".mysql_escape_string(stripslashes($_POST['email']))."' and `deleted`=0";
+ $query = "select * from `users` where `email`='".mysql_real_escape_string(stripslashes($_POST['email']))."' and `deleted`=0";
$res = mysql_query($query);
if(mysql_num_rows($res) != 1)
{
@@ -199,7 +199,7 @@ function send_reminder()
exit;
}
}
- $query = "select * from `users` where `email`='".mysql_escape_string(stripslashes($_POST['email']))."' and `locked`=1";
+ $query = "select * from `users` where `email`='".mysql_real_escape_string(stripslashes($_POST['email']))."' and `locked`=1";
$res = mysql_query($query);
if(mysql_num_rows($res) >= 1)
{
@@ -345,14 +345,14 @@ $iecho= "c";
if($newpoints < 0)
$newpoints = 0;
- if(mysql_escape_string(stripslashes($_POST['date'])) == "")
+ if(mysql_real_escape_string(stripslashes($_POST['date'])) == "")
$_POST['date'] = date("Y-m-d H:i:s");
$query = "select * from `notary` where `from`='".$_SESSION['profile']['id']."' AND
`to`='".$_SESSION['_config']['notarise']['id']."' AND
`awarded`='$awarded' AND
- `location`='".mysql_escape_string(stripslashes($_POST['location']))."' AND
- `date`='".mysql_escape_string(stripslashes($_POST['date']))."'";
+ `location`='".mysql_real_escape_string(stripslashes($_POST['location']))."' AND
+ `date`='".mysql_real_escape_string(stripslashes($_POST['date']))."'";
$res = mysql_query($query);
if(mysql_num_rows($res) > 0)
{
@@ -366,8 +366,8 @@ $iecho= "c";
$query = "insert into `notary` set `from`='".$_SESSION['profile']['id']."',
`to`='".$_SESSION['_config']['notarise']['id']."',
`points`='$newpoints', `awarded`='$awarded',
- `location`='".mysql_escape_string(stripslashes($_POST['location']))."',
- `date`='".mysql_escape_string(stripslashes($_POST['date']))."',
+ `location`='".mysql_real_escape_string(stripslashes($_POST['location']))."',
+ `date`='".mysql_real_escape_string(stripslashes($_POST['date']))."',
`when`=NOW()";
//record active acceptance by Assurer
write_user_agreement($_SESSION['profile']['id'], "CCA", "Assurance", "Assurer", 1, $_SESSION['_config']['notarise']['id']);
@@ -387,8 +387,8 @@ $iecho= "c";
$query = "insert into `notary` set `from`='".$_SESSION['profile']['id']."',
`to`='".$_SESSION['profile']['id']."',
`points`='$addpoints', `awarded`='$addpoints',
- `location`='".mysql_escape_string(stripslashes($_POST['location']))."',
- `date`='".mysql_escape_string(stripslashes($_POST['date']))."',
+ `location`='".mysql_real_escape_string(stripslashes($_POST['location']))."',
+ `date`='".mysql_real_escape_string(stripslashes($_POST['date']))."',
`method`='Administrative Increase',
`when`=NOW()";
mysql_query($query);
@@ -476,7 +476,7 @@ $iecho= "c";
{
csrf_check("chgcontact");
- $info = mysql_escape_string(strip_tags(stripslashes($_POST['contactinfo'])));
+ $info = mysql_real_escape_string(strip_tags(stripslashes($_POST['contactinfo'])));
$listme = intval($_POST['listme']);
if($listme < 0 || $listme > 1)
$listme = 0;