From: justdave%syndicomm.com <>
Date: Sat, 17 Nov 2001 16:24:08 +0000 (+0000)
Subject: Fix for bug 108822: It was possible for a user to send arbitrary SQL by inserting...
X-Git-Tag: bugzilla-2.14.1~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d2582274d2216596516cf867cfc4e08fe171d4f5;p=thirdparty%2Fbugzilla.git

Fix for bug 108822: It was possible for a user to send arbitrary SQL by inserting quotes in the "mybugslink" field in the user preferences. Patch by Jake Steenhagen r= myk, bbaetz
---
diff --git a/userprefs.cgi b/userprefs.cgi
index bc0f1d672b..fad31b4e43 100755
--- a/userprefs.cgi
+++ b/userprefs.cgi
@@ -17,7 +17,7 @@
 # Dan Mosedale
 # Alan Raetz
 # David Miller
-# Christopher Aillon
+#
 use diagnostics;
 use strict;
@@ -171,7 +171,7 @@ sub SaveAccount {
 WHERE userid = $userid");
 }
 SendSQL("UPDATE profiles SET " .
- "realname = " . SqlQuote(trim($::FORM{'realname'})) .
+ "realname = " . SqlQuote($::FORM{'realname'}) .
 " WHERE userid = $userid");
 }
@@ -299,7 +299,7 @@ sub showExcludeSelf (\%) {
@@ -502,7 +502,7 @@ sub SaveFooter {
 sub ShowPermissions {
- print "\n"; }
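Review bot: In the SaveAccount hunk the new line stores `$::FORM{'realname'}` without the `trim()` the old line applied, so leading and trailing whitespace submitted in the real-name field is now written to `profiles` verbatim; this is a behaviour change that the commit message (which is about quoting the `mybugslink` field) does not mention, and the `mybugslink` change itself is not visible in the hunks shown here. `SqlQuote` still wraps the value, so the quoting of that field is unaffected. If dropping the trim is deliberate, a comment such as `# realname is stored exactly as submitted; it is not trimmed here` would make that explicit; otherwise `"realname = " . SqlQuote(trim($::FORM{'realname'})) .` should be kept. The surrounding context interpolates `$userid` unquoted into the SQL; its origin is outside the hunk, so it is worth confirming it comes from the authenticated session and not from form input. SaveAccount begins before this hunk.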
      Global options:
- Only email me reports of changes made by other people + Do not email me bugs that I change
You have the following permission bits set on your account:\n"; + print "You have the following permission bits set on your account:\n"; print "

    \n"; my $found = 0; SendSQL("SELECT description FROM groups " . @@ -532,7 +532,6 @@ sub ShowPermissions { } print "
\n"; } - print "