[aur-dev] [PATCH 1/1] fix for FS#15947
Loui Chang
louipc.ist at gmail.com
Thu Oct 1 16:43:48 EDT 2009
On Sun 27 Sep 2009 20:59 -0700, elij wrote:
>
> Fix for maintainer search ticket: FS#15947
> Also http://mailman.archlinux.org/pipermail/aur-dev/2009-September/000892.html
> ---
> web/lib/aurjson.class.php | 41 ++++++++++++++++++++++++++++++++++-------
> 1 files changed, 34 insertions(+), 7 deletions(-)
>
> diff --git a/web/lib/aurjson.class.php b/web/lib/aurjson.class.php
> index 5b9ecd1..3af41be 100644
> --- a/web/lib/aurjson.class.php
> +++ b/web/lib/aurjson.class.php
> @@ -128,13 +127,13 @@ class AurJSON {
> // just using sprintf to coerce the pqd to an int
> // should handle sql injection issues, since sprintf will
> // bork if not an int, or convert the string to a number 0
> - $query_stub = sprintf("ID=%d",$pqdata);
> + $query_stub = "ID={$pqdata}";
> }
> else {
> if(get_magic_quotes_gpc()) {
> $pqdata = stripslashes($pqdata);
> }
> - $query_stub = sprintf("Name=\"%s\"",
> + $query_stub = printf("Name=\"%s\"",
> mysql_real_escape_string($pqdata));
> }
>
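Review bot: The ID branch at the top of this hunk, `$query_stub = "ID={$pqdata}";`, drops the `%d` coercion that the three comment lines directly above it name as the SQL injection defence, so `$pqdata` now reaches the query string verbatim. The condition guarding this branch is outside the hunk; unless it is a strict all-digits check, keep `sprintf("ID=%d", $pqdata)` or cast with `(int)`, and either way update the comment so it matches the code. In the else branch, `printf` writes the formatted string to the output and returns its length, so `$query_stub` ends up holding an integer instead of the `Name="..."` clause; that line should stay `sprintf`.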
Hah. printf returns an integer, but we really want a string here.
I've pushed the fix. (Change to sprintf again)
Cheers.