| Age | Commit message | Author |
|---|---|---|
| 2014-10-21 | bug-1273: fixing backticks in 'warning'-cron-script (bug-1273) | Felix Dörre |
| 2014-06-15 | bug 1273: Move the one "escapeshellarg" in a new row. | Felix Dörre |
| 2014-06-15 | bug 1273: use runCommand where former "echo"-syntax was used | Felix Dörre |
| 2014-06-15 | bug 1273: replace backtick operators with shell_exec | Felix Dörre |

```
+ fix 1 missing escapeshellarg

Commands used to locate:

1. find includes -type f -name '*.php' -exec cat {} \; \
   | tr '\n' '?' | sed 's/\(\$query .\?= \|\ mysql_query(\|query_init (\)"\([^"]\|".\(\(intval\|mysql_real_escape_string\)\ (\$[^\$)]\+)\|\$_SESSION\(\['_config'\]\['user'\]\['Q[1-5]'\]\ \|['_config']['disablelogin']\)\)[ ?]*."\)*"/mysql-substitute/g'\
   | tr '?' '\n' | grep --color=always "\`"|less -r

   and reviewing the queries by hand. This command replaces strings obviously
   looking like sql_queries and then outputs all remaining backticks: starting
   with "$query = ,mysql_query, ..." and are only interrupted by "safe" calls:
   - mysql_real_escape_string
   - intval
   - pre_escaped session variables
   (This command may also be used for locating badly escaped sql_queries)

2. grep -r "\`\(grep\|/\|echo\|dig\|openssl\|gpg\|rm\|../\)" www includes pages \
   | grep -v '\(from\|update\|into\) `gpg'
```

| Age | Commit message | Author |
|---|---|---|
| 2014-06-13 | Merge branch 'bug-807' into release | Benny Baumann |
| 2014-06-13 | Merge branch 'release' into bug-807 | Benny Baumann |
| | Conflicts: includes/account.php includes/lib/account.php pages/account/16.php | |
| 2014-06-07 | Merge branch 'bug-929' into release | Benny Baumann |
| 2014-06-06 | Merge branch 'bug-1172' into release | Benny Baumann |
| 2014-06-06 | Merge branch 'bug-1138' into release | Benny Baumann |
| 2014-06-06 | Merge branch 'bug-1275' into release | Benny Baumann |
| 2014-06-06 | Merge branch 'bug-372' into release | Benny Baumann |
| 2014-06-06 | Merge branch 'bug-413' into bug-1138 (bug-1138) | Benny Baumann |
| | Conflicts: pages/account/12.php pages/account/5.php | |
| 2014-05-27 | bug 413: Port same change as for 5.php over to 12.php (bug-413) | Benny Baumann |
| 2014-05-27 | bug 413: Backport changes from 7aced740 by Michael Tänzer to avoid conflicts when integrating both together | Benny Baumann |
| 2014-05-27 | bug 1138: that "if" should contain a block | Michael Tänzer |
| | goto fail; Signed-off-by: Michael Tänzer <neo@nhng.de> | |
| 2014-05-20 | bug 1138: fix double-escaping in wot/10 | Benny Baumann |
| 2014-05-01 | bug 1138: $verified is a string that is directly filled with data from the translation system => do not intval() | Michael Tänzer |
| | Signed-off-by: Michael Tänzer <neo@nhng.de> | |
| 2014-05-01 | bug 1138: This is an int, no need to mysql_real_escape() | Michael Tänzer |
| | Signed-off-by: Michael Tänzer <neo@nhng.de> | |
| 2014-05-01 | bug 1138: Avoid double escaping of $_SESSION['_config']['OU'] and fix XSS | Michael Tänzer |
| | Signed-off-by: Michael Tänzer <neo@nhng.de> | |
| 2014-05-01 | bug 1138: Avoid double escaping. | Michael Tänzer |
| | These session variables should be local variables as they aren't needed anywhere else. Signed-off-by: Michael Tänzer <neo@nhng.de> | |
| 2014-05-01 | bug 1138: Avoid double escaping in `description` which was stored into the session mysql_real_escaped | Michael Tänzer |
| | Signed-off-by: Michael Tänzer <neo@nhng.de> | |
| 2014-05-01 | bug 1138: Avoid double escaping | Michael Tänzer |
| | Yes it's ugly but should be fixed in a separate bug. Signed-off-by: Michael Tänzer <neo@nhng.de> | |
| 2014-05-01 | Merge branch 'release' into bug-1138 | Benny Baumann |
| 2014-04-30 | bug 1138: additional brackets for better readability | Benny Baumann |
| 2014-04-30 | bug 1138: Reorder fields to better show which variables belong together | Benny Baumann |
| 2014-04-30 | bug 1138: Whitespace changes and code formatting | Benny Baumann |
| 2014-04-30 | bug 1138: And yet another bunch of escaping | Benny Baumann |
| 2014-04-30 | bug 1138: Some escaping for the GnuPG code | Benny Baumann |
| 2014-04-30 | bug 1138: And yet another bunch of missing escapes | Benny Baumann |
| 2014-04-30 | bug 1138: And yet some more sanitizing of database query arguments | Benny Baumann |
| 2014-04-30 | bug 1138: Add some more missing escaping for values from the database | Benny Baumann |
| 2014-04-30 | bug 1138: Add some more missing escaping for values from the database | Benny Baumann |
| 2014-04-30 | bug 1138: Add some missing escaping for values from the database | Benny Baumann |
| 2014-04-30 | bug 1138: Add quite some instances of missing escaping | Benny Baumann |
| 2014-04-30 | bug 1138: Be more paranoid regarding database query parameters | Benny Baumann |
| 2014-04-30 | bug 1138: Properly bail out to remark on missing ticket number | Benny Baumann |
| 2014-04-29 | bug 372: `orgdomlink` has no `id` field (bug-372) | Michael Tänzer |
| | Signed-off-by: Michael Tänzer <neo@nhng.de> | |
| 2014-04-29 | bug 1275: Fix #1275 (bug-1275) | Michael Tänzer |
| | Signed-off-by: Michael Tänzer <neo@nhng.de> | |
| 2014-04-29 | bug 1138: Implement log parameter for output_assurances*() and use it for data summary | Michael Tänzer |
| | Signed-off-by: Michael Tänzer <neo@nhng.de> | |
| 2014-04-29 | bug 1138: Move rendering of the email addresses and such for each assurance into output_assurances_row() | Michael Tänzer |
| | Signed-off-by: Michael Tänzer <neo@nhng.de> | |
| 2014-04-29 | bug 1138: Store the calculated awarded points in the row array to avoid parameters to the output_assurances_row() | Michael Tänzer |
| | Signed-off-by: Michael Tänzer <neo@nhng.de> | |
| 2014-04-29 | bug 1138: Reduce number of parameters for output_assurances_row() | Michael Tänzer |
| | Signed-off-by: Michael Tänzer <neo@nhng.de> | |
| 2014-04-29 | bug 1138: Only revoke assurance if we actually found one | Michael Tänzer |
| | Signed-off-by: Michael Tänzer <neo@nhng.de> | |
| 2014-04-29 | Merge branch 'bug-1221' into bug-1138 | Michael Tänzer |
| | Conflicts: includes/account.php includes/general.php includes/loggedin.php includes/notary.inc.php pages/account/43.php pages/account/55.php pages/wot/10.php www/index.php www/wot.php Signed-off-by: Michael Tänzer <neo@nhng.de> | |
| 2014-04-22 | bug 1221: Adjust the interface of calc_assurances() to be consistent and use the `deleted` column for the Thawte revocation (bug-1221) | Michael Tänzer |
| | Signed-off-by: Michael Tänzer <neo@nhng.de> | |
| 2014-04-22 | bug 1221: Reduce number of parameters for calc_experience() and document it | Michael Tänzer |
| | also respect revoked assurances and use calc_awarded(). Signed-off-by: Michael Tänzer <neo@nhng.de> | |
| 2014-04-22 | bug 1221: Add comments and restrict TTP assurances | Michael Tänzer |
| | Signed-off-by: Michael Tänzer <neo@nhng.de> | |
| 2014-04-22 | bug 1221: Put the assurance method independent logic in one place | Michael Tänzer |
| | Signed-off-by: Michael Tänzer <neo@nhng.de> | |
| 2014-04-22 | bug 1221: Rename function to better reflect its use | Michael Tänzer |
| | Signed-off-by: Michael Tänzer <neo@nhng.de> | |
| 2014-04-21 | bug 1221: Move calc_points() up to the other point calculation functions | Michael Tänzer |
| | Signed-off-by: Michael Tänzer <neo@nhng.de> | |