vb.org Archive

vb.org Archive (https://vborg.vbsupport.ru/index.php)
-   ibProArcade Archive (https://vborg.vbsupport.ru/forumdisplay.php?f=174)
-   -   Alternate fix to injection code in comments (https://vborg.vbsupport.ru/showthread.php?t=279305)

g7jgq 03-08-2012 07:40 PM

Quote:

Originally Posted by rpgamersnet (Post 2305022)
If you refer to this post: https://vborg.vbsupport.ru/showpost....91&postcount=5

The code I am asking about is the loop that removes all the SQL keywords from the comments. Most, I'm sure, won't come across in normal comments, but filtering out parts like "or" and "and" is going to catch and mess up standard comments, as given in the example on that post.

"I got the high score!" becomes "I got the high sce!"

"Got a great hand on the last round!" -> "Got a great h on the last round"

Some basic words will get filtered as well, not just the bad SQL data, which is why I suggested that maybe this fix is not the best solution. Code I am questioning is quoted here:

PHP Code:

    function recursive_str_ireplace($replacethis, $withthis, $inthis)
    {
        // Keep replacing until no needle is found, so that a keyword formed by
        // an earlier removal (e.g. "selselectect") is caught on the next pass.
        while (1 == 1)
        {
            $inthis = str_ireplace($replacethis, $withthis, $inthis);
            // Note: stristr() takes a single string needle; when $replacethis
            // is an array this check does not test each entry.
            if (stristr($inthis, $replacethis) === FALSE)
            {
                RETURN $inthis;
            }
        }
        RETURN $inthis;
    }

PHP Code:

    // remove any SQL-commands
    $sqlcomm[] = 'create';
    $sqlcomm[] = 'database';
    $sqlcomm[] = 'table';
    $sqlcomm[] = 'insert';
    $sqlcomm[] = 'update';
    $sqlcomm[] = 'rename';
    $sqlcomm[] = 'replace';
    $sqlcomm[] = 'select';
    $sqlcomm[] = 'handler';
    $sqlcomm[] = 'delete';
    $sqlcomm[] = 'truncate';
    $sqlcomm[] = 'drop';
    $sqlcomm[] = 'where';
    $sqlcomm[] = 'or';
    $sqlcomm[] = 'and';
    $sqlcomm[] = 'values';
    $sqlcomm[] = 'set';
    $sqlcomm[] = 'password';
    $sqlcomm[] = 'salt';
    $sqlcomm[] = 'concat';
    $sqlcomm[] = 'schema';
    // every listed word is deleted, case-insensitively, wherever it occurs
    $value = recursive_str_ireplace($sqlcomm, '', $value);

Some recent threads have started to appear complaining of errors, and this new code is also the source of those new problems: the new recursive_str_ireplace loop that replaces these parts of the comment field, and of any other field being filtered by the ibp_cleansql function.

As I posted in another thread, before searching!!!!!!!!!! it's also stripping the words out of game names, which I suspect will break a lot of games.

When it gets the game name from the posted data

PHP Code:

    $game_name = ibp_cleansql($_POST['gname']);

A game such as wordrace will end up as wdrace

For now I have just modified the replacement list as follows; it's NOT a good fix, but at least all of the games will submit scores now :-)

PHP Code:

    // verbs get a trailing space, connectives get a space on both sides,
    // so they are only removed when they appear as separate words
    $sqlcomm[] = 'create ';
    $sqlcomm[] = 'database';
    $sqlcomm[] = 'table';
    $sqlcomm[] = 'insert';
    $sqlcomm[] = 'update ';
    $sqlcomm[] = 'rename';
    $sqlcomm[] = 'replace ';
    $sqlcomm[] = 'select ';
    $sqlcomm[] = 'handler';
    $sqlcomm[] = 'delete ';
    $sqlcomm[] = 'truncate ';
    $sqlcomm[] = 'drop ';
    $sqlcomm[] = ' where ';
    $sqlcomm[] = ' or ';
    $sqlcomm[] = ' and ';
    $sqlcomm[] = 'values';
    $sqlcomm[] = ' set ';
    $sqlcomm[] = 'password';
    $sqlcomm[] = 'salt';
    $sqlcomm[] = 'concat';
    $sqlcomm[] = 'schema';

I know that won't solve the problem in comments, but we don't really use comments. I am going to look at an alternative fix for this over the weekend.

Cheers

Alex

stangger5 03-09-2012 01:13 AM

Quote:

Originally Posted by g7jgq (Post 2307610)

I know that won't solve the problem in comments, but we don't really use comments. I am going to look at an alternative fix for this over the weekend.

Cheers

Alex

Give this a try : https://vborg.vbsupport.ru/showpost....04&postcount=6

g7jgq 03-09-2012 12:04 PM

Quote:

Originally Posted by stangger5 (Post 2307706)

Thanks for that.

Looking at that code, it will do the same thing; the problem is you cannot get rid of SQL commands by simply doing replaces in the posted data.

Cheers

Alex
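The two posts from Alex above make the same point from two directions: the first shows the keyword list eating ordinary words ("score" becomes "sce", "wordrace" becomes "wdrace"), and the last says keyword replacement cannot remove SQL from posted data at all. The PHP below is an added example, not code from this thread or from ibProArcade, that runs both filter variants (the original bare list and the space-padded workaround) over constructed sample strings and then stores the same strings through a parameterised query. It assumes the pdo_sqlite extension is loaded; the `scores` table, its columns and the sample strings are invented for the demo, and SQLite stands in for vBulletin's MySQL layer only so that the script runs stand-alone.

```php
<?php
// Added example, not ibProArcade or vBulletin code. Contrasts the keyword
// blacklist discussed in this thread with a parameterised query.
// Assumptions: the pdo_sqlite extension is loaded; the `scores` table,
// its columns and the sample strings are constructed for this demo.

// The two keyword lists from the thread, reduced to the entries that matter
// here. $bareWords is the original list; $paddedWords is the space-padded
// workaround for the verbs and the WHERE/OR/AND words.
$bareWords   = ['select', 'drop', 'where', 'or', 'and'];
$paddedWords = ['select ', 'drop ', ' where ', ' or ', ' and '];

/**
 * One pass of case-insensitive removal of every listed word, which is what
 * the filter in ibp_cleansql does to each posted field.
 */
function strip_keywords(array $words, string $input): string
{
    return str_ireplace($words, '', $input);
}

// Constructed inputs: two ordinary strings and three injection-shaped ones.
$samples = [
    'I got the high score!',      // "or" inside "score"
    'wordrace',                   // "or" inside a game name
    "x' OR 1=1 --",               // spaces around OR: both lists remove it
    "x'/**/OR/**/1=1--",          // no spaces around OR: padded list misses it
    "x' UNION SELECT(1)--",       // no space after SELECT: padded list misses it
];

echo "--- keyword stripping ---\n";
foreach ($samples as $s) {
    printf("%-26s bare: %-22s padded: %s\n",
        var_export($s, true),
        strip_keywords($bareWords, $s),
        strip_keywords($paddedWords, $s));
}

// The alternative: do not rewrite the value, bind it. The database receives
// the SQL text and the data separately, so keywords inside the data are inert.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE scores (id INTEGER PRIMARY KEY, gname TEXT NOT NULL, '
        . 'comment TEXT, score INTEGER NOT NULL)');

$insert = $db->prepare(
    'INSERT INTO scores (gname, comment, score) VALUES (:gname, :comment, :score)'
);
foreach ($samples as $s) {
    $insert->bindValue(':gname', $s, PDO::PARAM_STR);
    $insert->bindValue(':comment', $s, PDO::PARAM_STR);
    $insert->bindValue(':score', 100, PDO::PARAM_INT);
    $insert->execute();
}

echo "--- stored verbatim via prepared statements ---\n";
$rows = $db->query('SELECT gname, comment FROM scores ORDER BY id')
           ->fetchAll(PDO::FETCH_ASSOC);
foreach ($rows as $row) {
    // Each string comes back exactly as submitted, payload-shaped or not.
    printf("%-26s stored as %s\n",
        var_export($row['gname'], true), var_export($row['comment'], true));
}

// Lookup by game name also goes through a bound parameter.
$lookup = $db->prepare('SELECT COUNT(*) FROM scores WHERE gname = :gname');
$lookup->execute([':gname' => 'wordrace']);
echo "rows for wordrace: " . $lookup->fetchColumn() . "\n";
```

Run it with `php demo.php`. The first section shows the trade-off Alex describes: the bare list turns "score" into "sce" and "wordrace" into "wdrace" but does catch the commented and bracketed payloads, while the padded list leaves the game names alone and also leaves `/**/OR/**/` and `SELECT(1)` alone. The second section has no such trade-off: every sample, payload-shaped or not, is stored and read back verbatim, because a bound value never reaches the SQL parser as syntax.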


All times are GMT. The time now is 07:05 PM.

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
