added isnumeric check to limitResult() to prevent a possible sql injection.
authorYuri Astrakhan <yurik@users.mediawiki.org>
Mon, 1 May 2006 05:20:52 +0000 (05:20 +0000)
committerYuri Astrakhan <yurik@users.mediawiki.org>
Mon, 1 May 2006 05:20:52 +0000 (05:20 +0000)
includes/Database.php

index 55d5f96..133f4a1 100644 (file)
@@ -1386,7 +1386,12 @@ class Database {
         * $offset integer the SQL offset (default false)
         */
        function limitResult($sql, $limit, $offset=false) {
-               return " $sql LIMIT ".((is_numeric($offset) && $offset != 0)?"{$offset},":"")."{$limit} ";
+               if( !is_numeric($limit) ) {
+                       wfDie( "Invalid non-numeric limit passed to limitResult()\n" );
+               }
+               return " $sql LIMIT "
+                               . ( (is_numeric($offset) && $offset != 0) ? "{$offset}," : "" )
+                               . "{$limit} ";
        }
        function limitResultForUpdate($sql, $num) {
                return $this->limitResult($sql, $num, 0);
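Review bot: The new guard in limitResult() checks `$limit` with is_numeric() but then interpolates the caller's original value, so anything is_numeric() accepts (`1.5`, `1e3`, `-1`, a numeric string with leading whitespace) still reaches the LIMIT clause verbatim. These are not injection payloads, but they produce malformed or unintended SQL, and the safety of the query rests on is_numeric() never accepting something SQL-significant. Normalising after the check closes that gap: add `$limit = intval( $limit );` and interpolate `intval( $offset )` instead of `{$offset}`, so that only integer digits can ever be concatenated into the statement. The doc comment above the function should also state that a non-numeric `$limit` aborts through wfDie(), since callers such as limitResultForUpdate() pass their argument straight through.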