From be4d1620b6799a9308f1eb2d5685fcd1a5b8b621 Mon Sep 17 00:00:00 2001
From: Janusz Dobrowolski
Date: Sun, 9 Sep 2012 09:42:04 +0200
Subject: [PATCH] Security cleanups in access roles and db_pager.

---
 admin/security_roles.php | 4 ++--
 includes/db_pager.inc | 4 +++-
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/admin/security_roles.php b/admin/security_roles.php
index 2727af4c..f8b44552 100644
--- a/admin/security_roles.php
+++ b/admin/security_roles.php
@@ -90,10 +90,10 @@ if (get_post('addupdate'))
 if (($a&~0xffff) && (($a&0xff00)<(99<<8))) {
 $sections[] = $a&~0xff; // add extended section for plugins
 }
- $areas[] = $a;
+ $areas[] = (int)$a;
 }
 if (substr($p,0,7) == 'Section')
- $sections[] = substr($p, 7);
+ $sections[] = (int)substr($p, 7);
 }
 // $areas = sort_areas($areas);
diff --git a/includes/db_pager.inc b/includes/db_pager.inc
index 64a79eda..36afb923 100644
--- a/includes/db_pager.inc
+++ b/includes/db_pager.inc
@@ -283,7 +283,9 @@ class db_pager {
 }
 if (count($ord)) {
- $sql .= " ORDER BY " . implode($ord, ',');
+ $ord = array_map(function_exists('mysql_real_escape_string') ? 'mysql_real_escape_string': 'mysql_escape_string', $ord);
+ $sql .= " ORDER BY " . implode(',', $ord);
 } else {
 if($order) $sql .= " ORDER BY $order"; // original base query order
-- 
2.30.2
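Review bot: The `(int)` cast on `$areas[] = (int)$a;` is applied only after the bitwise tests on the two preceding context lines have already consumed the uncast `$a`, so the section derived via `$a&~0xff` and the stored area value come from different representations; if `$a` is taken from a submitted field name above the hunk (its assignment is outside this view), casting it once where it is derived would keep both consistent and, on PHP 8, avoid a TypeError from `&` on a non-numeric string. The cast also maps any non-numeric suffix to 0 rather than rejecting it, so a guard such as `if (!ctype_digit((string)$a)) continue;` before the bit test would drop malformed keys instead of recording area 0. The same applies to `$sections[] = (int)substr($p, 7);`, where the preceding `substr($p,0,7) == 'Section'` could also use `===`. The enclosing `if (get_post('addupdate'))` block starts and ends outside the hunk.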
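Review bot: Escaping the `$ord` entries with `mysql_real_escape_string` does not protect the ORDER BY position built at `$sql .= " ORDER BY " . implode(',', $ord);`, because string escaping only neutralises quote characters inside a quoted literal, while ORDER BY takes bare identifiers and expressions in which a value containing no quotes passes through unchanged. If any element of `$ord` can originate from the request (its construction is above the hunk), the robust check is to accept only entries that match a column the pager already knows or a strict identifier pattern, e.g. `$ord = array_filter($ord, function ($o) { return preg_match('/^[A-Za-z0-9_.]+(\s+(ASC|DESC))?$/i', $o); });`, and drop everything else. `mysql_real_escape_string` also requires an open connection and the `mysql_*` family is removed in PHP 7, so the fallback to `mysql_escape_string` is a second concern worth a comment on the `array_map` line. The enclosing db_pager method continues outside the hunk.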