[geeklog-devel] links plugin in CVS

Joe Mucchiello joe at ThrowingDice.com
Sun Dec 23 03:37:31 EST 2007


This is in CVS. The links plugin's functions.inc. It has 3 bugs:

function links_get_tid ()
{
    global $_TABLES;
    if (isset($_REQUEST['topic'])) {
        return $_REQUEST['topic'];
    } elseif (isset($_REQUEST['topic'])) {  // unreachable code
        return DB_getItem($_TABLES['topics'], 'tid', "topic='{$_REQUEST['topic']}'");
    } elseif (isset($_REQUEST['story'])) {
        return DB_getItem($_TABLES['stories'], 'tid', "sid='{$_REQUEST['story']}'");  // sql injection?
    } else {
        return; // inconsistent return type based on usage above.
    }
}


----
Joe Mucchiello
Throwing Dice Games
http://www.throwingdice.com 
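A hardened rewrite of the function addressing the three points above, added here as an example and not Geeklog's own fix. It assumes a DB_escapeString() helper that escapes a string for use inside single quotes in SQL (older installs would substitute their database escaping routine); DB_getItem() and $_TABLES are taken from the posted code, and the unreachable branch is dropped rather than guessed at, since its intended request key is not visible in the snippet.

```php
<?php
// Hardened rewrite of links_get_tid() (added example, not the project's code).
// Assumption: DB_escapeString() exists and escapes a value for a quoted SQL
// string literal. DB_getItem() and $_TABLES are Geeklog's, as in the post.

function links_get_tid()
{
    global $_TABLES;

    if (isset($_REQUEST['topic'])) {
        // Returned as-is, as in the original; any caller that interpolates
        // this into SQL must escape it at the query site. Cast so every
        // branch hands back the same type.
        return (string) $_REQUEST['topic'];
    }

    // The second 'topic' branch of the original could never run and is
    // omitted here instead of inventing the key it was meant to test.

    if (isset($_REQUEST['story'])) {
        // Escape before building the WHERE clause; the original interpolated
        // the raw request value, which is the injection point flagged above.
        $sid = DB_escapeString($_REQUEST['story']);
        $tid = DB_getItem($_TABLES['stories'], 'tid', "sid='{$sid}'");

        // Assumption: DB_getItem() yields false or null when no row matches;
        // normalise that to '' so callers always receive a string.
        return ($tid === false || $tid === null) ? '' : (string) $tid;
    }

    // Consistent return type: '' means "no topic id available".
    return '';
}
```

Callers that previously tested the bare return value for truthiness keep working, since '' is falsy in PHP, while callers expecting a string no longer see null.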



