
Changeset 1467925


Timestamp:
08/04/2016 04:12:37 PM (9 years ago)
Author:
warkior
Message:

Additional security-related bug fixes

Location:
formbuilder/trunk
Files:
6 edited

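--- a/formbuilder/trunk/class/FBFormEditor.class.php
+++ b/formbuilder/trunk/class/FBFormEditor.class.php
@@ -116,9 +116,9 @@
 #                   $tableFields->remove_row($fieldKey);
 
-                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE id = $fieldKey ORDER BY display_order DESC;";
+                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE id = '$fieldKey' ORDER BY display_order DESC;";
                     $results = $wpdb->get_results($sql, ARRAY_A);
                     $actionRow = $results[0];
 
-                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE form_id = $form_id ORDER BY display_order ASC;";
+                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE form_id = '$form_id' ORDER BY display_order ASC;";
                     $relatedRows = $wpdb->get_results($sql, ARRAY_A);
 
@@ -145,9 +145,9 @@
 #                   $relatedRows = $tableFields->search_rows("$form_id", "form_id", "display_order ASC");
 
-                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE id = $fieldKey ORDER BY display_order DESC;";
+                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE id = '$fieldKey' ORDER BY display_order DESC;";
                     $results = $wpdb->get_results($sql, ARRAY_A);
                     $actionRow = $results[0];
 
-                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE form_id = $form_id ORDER BY display_order ASC;";
+                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE form_id = '$form_id' ORDER BY display_order ASC;";
                     $relatedRows = $wpdb->get_results($sql, ARRAY_A);
 
@@ -186,10 +186,10 @@
                 {
 #                   $actionRow = $tableFields->load_row($fieldKey);
-                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE id = $fieldKey ORDER BY display_order DESC;";
+                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE id = '$fieldKey' ORDER BY display_order DESC;";
                     $results = $wpdb->get_results($sql, ARRAY_A);
                     $actionRow = $results[0];
 
 #                   $relatedRows = $tableFields->search_rows("$form_id", "form_id", "display_order DESC");
-                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE form_id = $form_id ORDER BY display_order DESC;";
+                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE form_id = '$form_id' ORDER BY display_order DESC;";
                     $relatedRows = $wpdb->get_results($sql, ARRAY_A);
 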
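--- a/formbuilder/trunk/html/options_edit_form.inc.php
+++ b/formbuilder/trunk/html/options_edit_form.inc.php
@@ -230,4 +230,5 @@
                         // Tag display and customization.
                         $tags = array();
+                        $form_id = is_numeric($form_id) ? $form_id : 0;
                         $sql = "SELECT * FROM " . FORMBUILDER_TABLE_TAGS . " WHERE form_id = '{$form_id}' ORDER BY tag ASC;";
                         $results = $wpdb->get_results($sql, ARRAY_A);
@@ -270,4 +271,5 @@
 
                 <?php
+                    $form_id = is_numeric($form_id) ? $form_id : 0;
                     $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE form_id = $form_id ORDER BY display_order ASC;";
                     $related = $wpdb->get_results($sql, ARRAY_A);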
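Review bot: `is_numeric()` at new lines 232 and 273 is looser than the integer `form_id` column needs: leading whitespace, decimals and exponent forms such as `1e3` all pass, even though quote characters are correctly rejected and the unquoted interpolation at line 274 is therefore no longer injectable. Casting in the same expression, `$form_id = is_numeric($form_id) ? (int) $form_id : 0;`, pins the value to an integer, and building the statement with `$wpdb->prepare("... WHERE form_id = %d ...", $form_id)` states that intent in the query itself. The `<?php` block the second hunk belongs to starts and ends outside the hunk.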
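--- a/formbuilder/trunk/php/formbuilder_admin_pages.inc.php
+++ b/formbuilder/trunk/php/formbuilder_admin_pages.inc.php
@@ -178,4 +178,6 @@
     {
         global $wpdb;
+        if(!is_numeric($form_id))
+            return;
 
         /*
@@ -294,5 +296,5 @@
             {
                 $fieldAction = $_POST['fieldAction'];
-                $fieldKey = key($fieldAction);
+                $fieldKey = addslashes(htmlentities(key($fieldAction)));
                 $fieldValue = current($fieldAction);
 
@@ -301,5 +303,5 @@
                     if($fieldKey == "newField")
                     {   // Create a new field at the end of the form.
-                        $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE form_id = $form_id ORDER BY display_order DESC;";
+                        $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE form_id = '$form_id' ORDER BY display_order DESC;";
                         $relatedRows = $wpdb->get_results($sql, ARRAY_A);
 #                       $relatedRows = $tableFields->search_rows("$form_id", "form_id", "display_order DESC");
@@ -322,5 +324,5 @@
                 if($fieldValue == __("Add Another", 'formbuilder'))
                 {
-                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE id = $fieldKey ORDER BY display_order DESC;";
+                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE id = '$fieldKey' ORDER BY display_order DESC;";
                     $results = $wpdb->get_results($sql, ARRAY_A);
                     $actionRow = $results[0];
@@ -328,5 +330,5 @@
 
 
-                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE form_id = $form_id ORDER BY display_order DESC;";
+                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE form_id = '$form_id' ORDER BY display_order DESC;";
                     $relatedRows = $wpdb->get_results($sql, ARRAY_A);
                     #$relatedRows = $tableFields->search_rows("$form_id", "form_id");
@@ -364,9 +366,9 @@
 #                   $tableFields->remove_row($fieldKey);
 
-                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE id = $fieldKey ORDER BY display_order DESC;";
+                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE id = '$fieldKey' ORDER BY display_order DESC;";
                     $results = $wpdb->get_results($sql, ARRAY_A);
                     $actionRow = $results[0];
 
-                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE form_id = $form_id ORDER BY display_order ASC;";
+                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE form_id = '$form_id' ORDER BY display_order ASC;";
                     $relatedRows = $wpdb->get_results($sql, ARRAY_A);
 
@@ -393,9 +395,9 @@
 #                   $relatedRows = $tableFields->search_rows("$form_id", "form_id", "display_order ASC");
 
-                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE id = $fieldKey ORDER BY display_order DESC;";
+                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE id = '$fieldKey' ORDER BY display_order DESC;";
                     $results = $wpdb->get_results($sql, ARRAY_A);
                     $actionRow = $results[0];
 
-                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE form_id = $form_id ORDER BY display_order ASC;";
+                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE form_id = '$form_id' ORDER BY display_order ASC;";
                     $relatedRows = $wpdb->get_results($sql, ARRAY_A);
 
@@ -434,10 +436,10 @@
                 {
 #                   $actionRow = $tableFields->load_row($fieldKey);
-                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE id = $fieldKey ORDER BY display_order DESC;";
+                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE id = '$fieldKey' ORDER BY display_order DESC;";
                     $results = $wpdb->get_results($sql, ARRAY_A);
                     $actionRow = $results[0];
 
 #                   $relatedRows = $tableFields->search_rows("$form_id", "form_id", "display_order DESC");
-                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE form_id = $form_id ORDER BY display_order DESC;";
+                    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE form_id = '$form_id' ORDER BY display_order DESC;";
                     $relatedRows = $wpdb->get_results($sql, ARRAY_A);
 
@@ -629,4 +631,6 @@
     {
         global $wpdb;
+        if(!is_numeric($form_id))
+            return;
 
         if(!formbuilder_user_can('create'))
@@ -643,5 +647,5 @@
         $form = $results[0];
 
-        $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE form_id = $form_id ORDER BY display_order ASC;";
+        $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE form_id = '$form_id' ORDER BY display_order ASC;";
         $fields = $wpdb->get_results($sql, ARRAY_A);
         if($fields)
@@ -659,5 +663,5 @@
         $form['autoresponse'] = $autoresponse;
 
-        $sql = "SELECT * FROM " . FORMBUILDER_TABLE_TAGS . " WHERE form_id = $form_id;";
+        $sql = "SELECT * FROM " . FORMBUILDER_TABLE_TAGS . " WHERE form_id = '$form_id';";
         $tags = $wpdb->get_results($sql, ARRAY_A);
         if($tags)
@@ -896,4 +900,6 @@
     {
         global $wpdb;
+        if(!is_numeric($form_id))
+            return;
 
         if(!formbuilder_user_can('create'))
@@ -944,4 +950,6 @@
     {
         global $wpdb;
+        if(!is_numeric($form_id))
+            return;
 
         if(!formbuilder_user_can('create'))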
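Review bot: `$fieldKey = addslashes(htmlentities(key($fieldAction)));` at new line 298 is the wrong escaping for a value that ends up in SQL: `addslashes()` is not charset-aware and its backslash escaping is ineffective when the connection runs with MySQL's `NO_BACKSLASH_ESCAPES` mode, while `htmlentities()` rewrites the key so that the later `$fieldKey == "newField"` comparison only still works because that literal has no special characters. Since `$fieldKey` is used as an integer `id` at new lines 326, 368, 397 and 438, keep the raw key for the string comparison and pass it through `$wpdb->prepare("SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE id = %d ORDER BY display_order DESC;", $fieldKey)` at each SELECT; the same `%d` form applies to the `form_id` queries at 305, 332, 649 and 665, where adding quotes alone does not escape anything. The `if(!is_numeric($form_id)) return;` guards at 180, 633, 902 and 952 are placed before the `formbuilder_user_can('create')` check and return silently, which leaves an administrator no trace of a rejected request; `wp_die()` with a message, or at least a log line, would make the rejection visible. All enclosing functions start and end outside the hunks.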
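--- a/formbuilder/trunk/php/formbuilder_parser.php
+++ b/formbuilder/trunk/php/formbuilder_parser.php
@@ -36,6 +36,8 @@
 
     session_start();
+    if(!is_numeric($field_id))
+        die();
 
-    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE id = '" . $_GET['fieldid'] . "';";
+    $sql = "SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE id = '{$field_id}';";
     $results = $wpdb->get_results($sql, ARRAY_A);
     $field = $results[0];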
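Review bot: `die();` at new line 39 terminates with an empty body and a 200 status when `$field_id` is not numeric, so a malformed request is indistinguishable from a successful one to the caller; `wp_die('Invalid field id', '', array('response' => 400));` makes the rejection explicit. The assignment of `$field_id` is outside the hunk (the removed line read `$_GET['fieldid']` directly), so it is worth confirming that the guarded variable is the same request value the query now uses. `is_numeric()` also admits whitespace-prefixed and `1e3`-style input, so `$wpdb->prepare("SELECT * FROM " . FORMBUILDER_TABLE_FIELDS . " WHERE id = %d;", $field_id)` at line 41 would normalise the value to the integer the column expects. `$field = $results[0];` still indexes an empty array when no row matches.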
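--- a/formbuilder/trunk/php/formbuilder_post_metabox.inc.php
+++ b/formbuilder/trunk/php/formbuilder_post_metabox.inc.php
@@ -85,5 +85,5 @@
 
         // If the post already has an id, determine whether or not there is a form already linked to it.
-        if($post->ID)
+        if(is_numeric($post->ID))
         {
             // Determine if the post/page has a linked form.
@@ -136,4 +136,7 @@
               $id = $_REQUEST[ 'post_ID' ];
 
+            if(!is_numeric($id))
+                return;
+
             // Get any fb entries for the given page ID.
             $sql = "SELECT * FROM " . FORMBUILDER_TABLE_PAGES . " WHERE post_id = '" . $id . "';";
@@ -185,4 +188,6 @@
         if( !isset( $id ) )
           $id = $_REQUEST[ 'post_ID' ];
+        if(!is_numeric($id))
+            return;
 
         $sql = "DELETE FROM " . FORMBUILDER_TABLE_PAGES . " WHERE post_id = '$id';";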
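Review bot: The change from `if($post->ID)` to `if(is_numeric($post->ID))` at new line 87 is not a pure tightening: `is_numeric(0)` is true, so a post whose ID is `0` now enters the linked-form lookup where it was skipped before. If the intent is "the post has a real id", `if(is_numeric($post->ID) && $post->ID > 0)` keeps the previous exclusion while still rejecting non-numeric values. In the second and third hunks `$id` comes straight from `$_REQUEST['post_ID']` and, after the `is_numeric()` check, is interpolated into the SELECT at 142 and the DELETE at 193; `$wpdb->prepare("DELETE FROM " . FORMBUILDER_TABLE_PAGES . " WHERE post_id = %d;", $id)` is the stricter form, and nothing visible in these hunks shows a nonce or capability check ahead of the delete, which should be confirmed in the enclosing function that starts outside the hunk.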
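--- a/formbuilder/trunk/php/formbuilder_processing.inc.php
+++ b/formbuilder/trunk/php/formbuilder_processing.inc.php
@@ -126,4 +126,7 @@
             define('SID', '');
         }
+
+        if(!is_numeric($form_id))
+            return;
 
         $formBuilderTextStrings = formbuilder_load_strings();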
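Review bot: The new `if(!is_numeric($form_id)) return;` at line 129 returns silently from a function whose signature and return value are outside the hunk, so a caller expecting rendered output or a status gets `null` with no indication that the id was rejected. An explicit error string or a logged message at this point would make a bad `$form_id` visible during debugging rather than appearing as an empty form. As in the other files in this changeset, `is_numeric()` admits decimal and exponent forms, so `$form_id = (int) $form_id;` after the check would pin the value to the integer the column expects before it reaches any query further down.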