  #122  
07-24-2005, 11:48 PM
WhisperPntr

I finally got it verified. THE GEEK'S fix basically made the item number different than what was needed.

To fix it, replace The Geek's original code
PHP Code:
//added by The Geek to remove the SQL injection security problems
globalize($_REQUEST,array('do'=>STR_NOHTML,'product'=>INT,'id'=>INT,'act'=>STR_NOHTML,'perf'=>STR_NOHTML,'tx'=>STR));
globalize($_POST,array('license','service','url'=>STR,'txn_id'=>STR,'custom'=>STR,'item_name'=>STR,'item_number'=>INT)); 
With the following
PHP Code:
//added by The Geek to remove the SQL injection security problems
$do = $_GET['do'];
// Only run the globalize() casts when the request is not an 'ipn' or 'debug' call
if (($do != 'ipn') && ($do != 'debug')) {
    globalize($_REQUEST,array('do'=>STR_NOHTML,'product'=>INT,'id'=>INT,'act'=>STR_NOHTML,'perf'=>STR_NOHTML,'tx'=>STR));
    globalize($_POST,array('license','service','url'=>STR,'txn_id'=>STR,'custom'=>STR,'item_name'=>STR,'item_number'=>INT));
}

Not eloquent but it works. Now on to solve why the item information won't be entered into the database.

And for those who don't see the line, basically this was an SQL injection fix. Quite handy imho.
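
The replacement code in the post above skips both globalize() calls whenever do is 'ipn' or 'debug', so those requests pass through this block with no input typing. An alternative, as an added example that is not part of the original post or the product's code, keeps a filter on every path and gives item_number a type that preserves it. clean_input(), the IN_* constants, the payments table and the sample item_number format are assumptions, and the last step needs the pdo_sqlite extension.

```php
<?php
// Added example. clean_input() and IN_* are hypothetical stand-ins for
// globalize() and its INT/STR constants; they are not vBulletin functions.
const IN_INT   = 'int';
const IN_STR   = 'str';
const IN_TOKEN = 'token'; // short identifier: letters, digits, '_' and '-'

function clean_input(array $src, array $spec): array
{
    $out = [];
    foreach ($spec as $name => $type) {
        $raw = $src[$name] ?? '';
        if (!is_scalar($raw)) {      // drop array-valued parameters
            $raw = '';
        }
        $raw = (string) $raw;
        switch ($type) {
            case IN_INT:
                $out[$name] = (int) $raw;
                break;
            case IN_TOKEN:           // allowlist check; null when it fails
                $ok = preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $raw);
                $out[$name] = $ok ? $raw : null;
                break;
            default:                 // free text: must be bound, never concatenated
                $out[$name] = $raw;
        }
    }
    return $out;
}

// Constructed IPN-style POST data; the item_number format is an assumption.
$post = ['txn_id' => '61E67681CH3238416', 'item_number' => 'lic-42'];

// Integer cast: the non-numeric identifier does not survive it.
$asInt = clean_input($post, ['item_number' => IN_INT]);
// Token type: the identifier is validated and kept intact.
$asToken = clean_input($post, ['txn_id' => IN_TOKEN, 'item_number' => IN_TOKEN]);
var_dump($asInt['item_number'], $asToken['item_number']);

// Validated values still go into SQL as bound parameters only.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE payments (txn_id TEXT, item_number TEXT)');
$stmt = $db->prepare('INSERT INTO payments (txn_id, item_number) VALUES (?, ?)');
$stmt->execute([$asToken['txn_id'], $asToken['item_number']]);
```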