Home Explore Help
Sign In
richard
/
sorbetcms
Watch 1
Star 0
Fork 1
Code Issues 0 Pull Requests 0 Commits 290 Releases 0 Wiki
Browse Source

Bug 50 - SQL injection exploit, resolved by checking for valid post id

mheitzenroder@gmail.com 17 years ago
parent
770a45a126
commit
2b04a0339c
1 changed files with 3 additions and 0 deletions
Unified View Show Diff Stats
  1. 3 0
      index.php

+ 3 - 0
index.php View File

42
42
43 
         if (isset($_GET["post"])) {
43 
         if (isset($_GET["post"])) {
44 
                 $id_post = $_GET["post"];
44 
                 $id_post = $_GET["post"];
45 
+                if (!is_numeric($id_post) && $id_post < 1 ){
46 
+                	header("Location: index.php");
47 
+                }
45 
         } else {
48 
         } else {
46 
                 if (isset($param_url[1]) && $param_url[1]=="post") {
49 
                 if (isset($param_url[1]) && $param_url[1]=="post") {
47 
                         $id_post = (isset($param_url[2])) ? ((is_numeric($param_url[2])) ? $param_url[2] : NULL) : NULL;
50 
                         $id_post = (isset($param_url[2])) ? ((is_numeric($param_url[2])) ? $param_url[2] : NULL) : NULL;