[interchange-cvs] interchange - heins modified 4 files
interchange-cvs at icdevgroup.org
interchange-cvs at icdevgroup.org
Thu Sep 22 13:52:58 EDT 2005
User: heins
Date: 2005-09-22 17:52:58 GMT
Modified: . Tag: STABLE_5_2-branch README WHATSNEW
Modified: dist/foundation/pages/forum Tag: STABLE_5_2-branch
Modified: submit.html
Modified: scripts Tag: STABLE_5_2-branch interchange.PL
Log:
* Fix SQL injection problem.
* Update versions, WHATSNEW, etc. in prep for release.
Revision Changes Path
No revision
No revision
2.23.2.3 +2 -2 interchange/README
rev 2.23.2.3, prev_rev 2.23.2.2
Index: README
===================================================================
RCS file: /var/cvs/interchange/README,v
retrieving revision 2.23.2.2
retrieving revision 2.23.2.3
diff -u -r2.23.2.2 -r2.23.2.3
--- README 5 May 2004 13:20:00 -0000 2.23.2.2
+++ README 22 Sep 2005 17:52:57 -0000 2.23.2.3
@@ -2,9 +2,9 @@
I N T E R C H A N G E
-Interchange 5.2.0
+Interchange 5.2.1
-Copyright (C) 2002-2004 Interchange Development Group
+Copyright (C) 2002-2005 Interchange Development Group
Copyright (C) 1996-2002 Red Hat, Inc.
Originally based on Vend 0.2 and 0.3, copyright 1995-96 by Andrew M. Wilcox.
2.201.2.8 +11 -0 interchange/Attic/WHATSNEW
rev 2.201.2.8, prev_rev 2.201.2.7
Index: WHATSNEW
===================================================================
RCS file: /var/cvs/interchange/Attic/WHATSNEW,v
retrieving revision 2.201.2.7
retrieving revision 2.201.2.8
diff -u -r2.201.2.7 -r2.201.2.8
--- WHATSNEW 5 May 2004 13:20:00 -0000 2.201.2.7
+++ WHATSNEW 22 Sep 2005 17:52:57 -0000 2.201.2.8
@@ -6,6 +6,17 @@
------------------------------------------------------------------------------
+Interchange 5.2.1 released 2005-09-22.
+
+
+Security
+---------
+
+* Fix SQL injection vulnerability in pages/forum/submit.html.
+
+------------------------------------------------------------------------------
+
+
Interchange 5.2.0 released 2004-05-05.
No revision
No revision
1.2.6.1 +50 -11 interchange/dist/foundation/pages/forum/Attic/submit.html
rev 1.2.6.1, prev_rev 1.2
Index: submit.html
===================================================================
RCS file: /var/cvs/interchange/dist/foundation/pages/forum/Attic/submit.html,v
retrieving revision 1.2
retrieving revision 1.2.6.1
diff -u -r1.2 -r1.2.6.1
--- submit.html 6 Oct 2002 02:55:50 -0000 1.2
+++ submit.html 22 Sep 2005 17:52:57 -0000 1.2.6.1
@@ -28,6 +28,15 @@
@_LEFTONLY_TOP_@
+[if cgi product]
+[perl tables=products]
+ ## Set the subject if coming from product page
+ my $desc = tag_data('products', $Config->{DescriptionField}, $Session->{arg});
+ $CGI->{subject} = $desc;
+ return;
+[/perl]
+[/if]
+
[perl tables="forum"]
#code parent artid mod_time created username host score lastscore reason anon extended subject comment
sub scrub {
@@ -39,13 +48,16 @@
my $noscrub;
if(! $type) {
# do nothing
+ $value =~ s/\[/[/g;
}
elsif($type eq '2') {
$value = $Tag->filter('text2html', $value);
+ $value =~ s/\[/[/g;
}
elsif($type eq '4') {
unless ($value =~ m{</\s*xmp\s*>}i) {
$noscrub = 1;
+ $value =~ s/\[//g;
$value = "<XMP>$value</XMP>";
}
}
@@ -54,6 +66,10 @@
unless $noscrub;
return $value;
}
+ if($CGI->{product}) {
+ $Session->{forum_start} ||= {};
+ $Session->{forum_start}{$CGI->{product}} = 1;
+ }
return;
[/perl]
@@ -64,8 +80,10 @@
<table>
<tr>
<td bgcolor="#eeeeee">
- <B>[cgi name=subject filter=restrict_html]<br>
- by [either][value fname][or]Shrinking Violet[/either] on [convert-date fmt="%A, %B %e, %Y @%H:%M"][/convert-date]<B>
+ [restrict enable=cgi]
+ <B>[cgi name=subject filter="restrict_html"]<br>
+ [/restrict]
+ by [either][value fname][or]Guest user[/either] on [convert-date fmt="%A, %B %e, %Y @%H:%M"][/convert-date]<B>
</td>
</tr>
<tr>
@@ -102,7 +120,7 @@
my $db = $Db{forum}
or return "Database error.";
$v{host} = $Session->{host};
- $v{score} = 0;
+ $v{score} = 1;
my $noscrub;
if(! $CGI->{commtype}) {
# do nothing
@@ -123,11 +141,29 @@
$v{mod_time} =
$v{created} = $Tag->time( { body => "%Y-%m-%d %H:%M:%S" });
$v{subject} = $Tag->filter('encode_entities', $CGI->{subject}, 'subject');
- $v{artid} = '0';
- $v{parent} = '0';
- $Scratch->{tmp_code} = $db->set_slice(undef, [ keys %v ], [values %v])
+ $v{artid} = $CGI->{artid} || 0;
+
+ my $code;
+
+ if($CGI->{parent}) {
+ my $existing = $db->query("select * from forum where parent = '$CGI->{parent}'");
+ if($existing and ! @$existing) {
+ $v{artid} = $CGI->{parent};
+ $code = $CGI->{parent};
+ $v{parent} = 0;
+ }
+ else {
+ $v{parent} = $CGI->{parent};
+ }
+ }
+ $Scratch->{tmp_code} = $db->set_slice($code, \%v)
or return "Error submitting reply!";
$Scratch->{tmp_code} =~ s/'//g;
+
+ unless ($code) {
+ $Scratch->{tmp_code} = $v{parent};
+ }
+
## This is special processing only if there is a submission email address
## is found
if($Variable->{FORUM_SUBMIT_EMAIL}) {
@@ -174,11 +210,14 @@
return;
[/perl]
- [if scratch tmp_code]
- Your story has been submitted. You will receive a response when it
- is handled. For questions, contact <A HREF="mailto:webmaster at perusion.com">webmaster at perusion.com</A>
- <P>
- [page index]Return to the Intranet home</A>
+ [if cgi parent]
+ Your comment has been submitted.
+ [if type=data term="products::sku::[cgi parent]"]
+ [page href="[cgi parent]"]Return to product</a>.
+ [else]
+ [page href="forum/display" arg="[cgi parent]"]See in context.
+ [/else]
+ [/if]
[/if]
[else]
[include include/forum/submit_form]
No revision
No revision
2.79.2.3 +7 -7 interchange/scripts/interchange.PL
rev 2.79.2.3, prev_rev 2.79.2.2
Index: interchange.PL
===================================================================
RCS file: /var/cvs/interchange/scripts/interchange.PL,v
retrieving revision 2.79.2.2
retrieving revision 2.79.2.3
diff -u -r2.79.2.2 -r2.79.2.3
--- interchange.PL 5 May 2004 13:20:02 -0000 2.79.2.2
+++ interchange.PL 22 Sep 2005 17:52:57 -0000 2.79.2.3
@@ -1,11 +1,11 @@
#!/usr/bin/perl
##!~_~perlpath~_~
#
-# Interchange version 5.2.0
+# Interchange version 5.2.1
#
-# $Id: interchange.PL,v 2.79.2.2 2004/05/05 13:20:02 jon Exp $
+# $Id: interchange.PL,v 2.79.2.3 2005/09/22 17:52:57 mheins Exp $
#
-# Copyright (C) 2002-2004 Interchange Development Group
+# Copyright (C) 2002-2005 Interchange Development Group
# Copyright (C) 1996-2002 Red Hat, Inc.
# http://www.icdevgroup.org/
#
@@ -140,7 +140,7 @@
require Exporter;
BEGIN {
- $VERSION = '5.2.0';
+ $VERSION = '5.2.1';
unless ($] >= 5.006) {
die "Interchange $VERSION requires Perl 5.6.0 or later,\nbut you're trying to run it under Perl $]. Exiting.\n";
@@ -341,7 +341,7 @@
}
sub version {
- print "Interchange version $VERSION copyright 2002-2004 Interchange Development Group and others.\n";
+ print "Interchange version $VERSION copyright 2002-2005 Interchange Development Group and others.\n";
}
=head1 NAME
@@ -354,7 +354,7 @@
=head1 VERSION
-5.2.0
+5.2.1
=head1 DESCRIPTION
@@ -960,7 +960,7 @@
=head1 COPYRIGHT
-Copyright (C) 2002-2004 Interchange Development Group
+Copyright (C) 2002-2005 Interchange Development Group
Copyright (C) 1995-2002 Red Hat, Inc.
All rights reserved except those granted in the license.
More information about the interchange-cvs
mailing list