Quote:
Originally Posted by rpgamersnet
If you refer to this post: https://vborg.vbsupport.ru/showpost....91&postcount=5
The code I am asking about is the loop that removes all the SQL keywords from the comments. Most I'm sure won't come across in normal comments, but filtering out parts like "or" and "and" is going to catch and mess up standard comments, as given in the example on that post.
"I got the high score!" becomes "I got the high sce!"
"Got a great hand on the last round!" -> "Got a great h on the last round"
Some basic words will get filtered as well, not just the bad SQL data, which is why I suggested that maybe this fix is not the best solution. Code I am questioning is quoted here:
PHP Code:
function recursive_str_ireplace($replacethis,$withthis,$inthis)
{
    while (1==1)
    {
        $inthis = str_ireplace($replacethis,$withthis,$inthis);
        // stristr() takes a string needle; with the $replacethis array it does not
        // check the array's words, so in practice this returns after a single pass
        // (PHP 8 throws a TypeError on the array argument)
        if(stristr($inthis, $replacethis) === FALSE)
        {
            RETURN $inthis;
        }
    }
    RETURN $inthis;
}
PHP Code:
// remove any SQL-commands
$sqlcomm[] = 'create';
$sqlcomm[] = 'database';
$sqlcomm[] = 'table';
$sqlcomm[] = 'insert';
$sqlcomm[] = 'update';
$sqlcomm[] = 'rename';
$sqlcomm[] = 'replace';
$sqlcomm[] = 'select';
$sqlcomm[] = 'handler';
$sqlcomm[] = 'delete';
$sqlcomm[] = 'truncate';
$sqlcomm[] = 'drop';
$sqlcomm[] = 'where';
$sqlcomm[] = 'or';
$sqlcomm[] = 'and';
$sqlcomm[] = 'values';
$sqlcomm[] = 'set';
$sqlcomm[] = 'password';
$sqlcomm[] = 'salt';
$sqlcomm[] = 'concat';
$sqlcomm[] = 'schema';
$value = recursive_str_ireplace($sqlcomm, '', $value);
Some recent threads have started to appear complaining of errors appearing; this new code is also the source of those new problems: the new recursive_str_ireplace loop that replaces these parts of the comment field.... and any other field being filtered by the ibp_cleansql function.
As I posted in another thread, before searching !!!!!!!!!! it's also stripping the words out of game names, which I suspect will break a lot of games.
When it gets the game name from the posted data
PHP Code:
$game_name = ibp_cleansql($_POST['gname']);
A game such as wordrace will end up as wdrace.
For now I have just modified the replacement list as follows; it's NOT a good fix, but at least all of the games will submit scores now :-)
PHP Code:
$sqlcomm[] = 'create ';
$sqlcomm[] = 'database';
$sqlcomm[] = 'table';
$sqlcomm[] = 'insert';
$sqlcomm[] = 'update ';
$sqlcomm[] = 'rename';
$sqlcomm[] = 'replace ';
$sqlcomm[] = 'select ';
$sqlcomm[] = 'handler';
$sqlcomm[] = 'delete ';
$sqlcomm[] = 'truncate ';
$sqlcomm[] = 'drop ';
$sqlcomm[] = ' where ';
$sqlcomm[] = ' or ';
$sqlcomm[] = ' and ';
$sqlcomm[] = 'values';
$sqlcomm[] = ' set ';
$sqlcomm[] = 'password';
$sqlcomm[] = 'salt';
$sqlcomm[] = 'concat';
$sqlcomm[] = 'schema';
I know that won't solve the problem in comments but we don't really use comments. I am going to look at an alternative fix for this over the weekend
Cheers
Alex
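The two problems raised in this thread (the quoted blacklist mangling ordinary words, and the space-padded list only narrowing the damage) are reproduced below on constructed sample text, next to the fix that needs no keyword stripping at all: passing the user's text to the database as a bound parameter. This is an added example written for this thread; it is not code from ibProArcade, vBulletin or either poster. `strip_keywords` is a stand-in for the quoted loop with a working "repeat until nothing changes" condition, and the prepared-statement part assumes PHP's pdo_sqlite extension is available for an in-memory table.

```php
<?php
// Added example for this thread, not ibProArcade or vBulletin code.
// Part 1 reproduces the keyword-stripping behaviour; part 2 shows the
// alternative that leaves user text untouched: a prepared statement.

// The quoted blacklist, unchanged.
$sqlcomm = ['create', 'database', 'table', 'insert', 'update', 'rename',
            'replace', 'select', 'handler', 'delete', 'truncate', 'drop',
            'where', 'or', 'and', 'values', 'set', 'password', 'salt',
            'concat', 'schema'];

// Alex's space-padded variant from the reply above.
$sqlcommPadded = ['create ', 'database', 'table', 'insert', 'update ',
                  'rename', 'replace ', 'select ', 'handler', 'delete ',
                  'truncate ', 'drop ', ' where ', ' or ', ' and ', 'values',
                  ' set ', 'password', 'salt', 'concat', 'schema'];

// Stand-in for recursive_str_ireplace: case-insensitive removal repeated
// until a pass changes nothing (what the original loop intends to do).
function strip_keywords(array $needles, string $text): string
{
    do {
        $before = $text;
        $text = str_ireplace($needles, '', $text);
    } while ($text !== $before);
    return $text;
}

// Constructed sample inputs: the comments from the thread, a game name,
// and a comment that the padded list still breaks.
$samples = [
    'I got the high score!',
    'Got a great hand on the last round!',
    'wordrace',
    'rock and roll',
];

echo "--- keyword stripping ---\n";
foreach ($samples as $s) {
    printf("%-36s | original list: %-30s | padded list: %s\n",
        $s, strip_keywords($sqlcomm, $s), strip_keywords($sqlcommPadded, $s));
}

// Part 2: no blacklist. The text is sent as a parameter, so the database
// never parses it as SQL, and "score", "hand" or "wordrace" are stored as typed.
// Assumption: pdo_sqlite is installed; the table is created in memory.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE scores (game TEXT NOT NULL, score INTEGER NOT NULL, comment TEXT)');

$insert = $db->prepare(
    'INSERT INTO scores (game, score, comment) VALUES (:game, :score, :comment)'
);

// Constructed submissions, shaped like the $_POST fields ibp_cleansql filters.
$submissions = [
    ['gname' => 'wordrace', 'gscore' => 1200, 'gcomment' => 'I got the high score!'],
    ['gname' => 'holdem',   'gscore' => 42,   'gcomment' => 'Got a great hand on the last round!'],
];

foreach ($submissions as $post) {
    // Validate the numeric field as a number instead of scrubbing it as text.
    $score = filter_var($post['gscore'], FILTER_VALIDATE_INT);
    if ($score === false) {
        continue; // reject rather than "clean" a non-numeric score
    }
    $insert->execute([
        ':game'    => $post['gname'],
        ':score'   => $score,
        ':comment' => $post['gcomment'],
    ]);
}

// Reading the rows back shows the stored text is intact, keywords included.
echo "--- stored via prepared statement ---\n";
foreach ($db->query('SELECT game, score, comment FROM scores ORDER BY score DESC') as $row) {
    printf("%-10s %5d  %s\n", $row['game'], $row['score'], $row['comment']);
}
```

Running the first part prints the thread's own results ("sce", "h", "wdrace") for the original list, and shows that the padded list leaves those three intact but still turns "rock and roll" into "rockroll". The second part is the point of the exercise: once every user-supplied value reaches the query as a bound parameter, there is nothing for a keyword filter to do, and the only input checks left are the ones that belong to the field itself (a score must be an integer, a game name must match a known game).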