summaryrefslogtreecommitdiff
path: root/lib/util.php
diff options
context:
space:
mode:
authorBrion Vibber <brion@pobox.com>2010-11-29 16:44:01 -0800
committerBrion Vibber <brion@pobox.com>2010-11-29 16:44:01 -0800
commit3f0557aa8efa715e288c731178a27e8d4914a1a7 (patch)
tree5189702f4d41023f273a0d8161eccce812450ce5 /lib/util.php
parente03d2584aaa2f16805e859b328b6536874bb3b9f (diff)
General code safety: validate input and escape SQL strings in common_relative_profile()
Diffstat (limited to 'lib/util.php')
-rw-r--r--lib/util.php13
1 files changed, 8 insertions, 5 deletions
diff --git a/lib/util.php b/lib/util.php
index 317a7aa42..42762b22f 100644
--- a/lib/util.php
+++ b/lib/util.php
@@ -1118,17 +1118,20 @@ function common_group_link($sender_id, $nickname)
*
* @param <type> $sender the user or profile in whose context we're looking
* @param string $nickname validated nickname of
- * @param <type> $dt unused mystery parameter.
+ * @param <type> $dt unused mystery parameter; in Notice reply-to handling a timestamp is passed.
*
* @return Profile or null
*/
function common_relative_profile($sender, $nickname, $dt=null)
{
+ // Will throw exception on invalid input.
+ $nickname = Nickname::normalize($nickname);
+
// Try to find profiles this profile is subscribed to that have this nickname
$recipient = new Profile();
// XXX: use a join instead of a subquery
- $recipient->whereAdd('EXISTS (SELECT subscribed from subscription where subscriber = '.$sender->id.' and subscribed = id)', 'AND');
- $recipient->whereAdd("nickname = '" . trim($nickname) . "'", 'AND');
+ $recipient->whereAdd('EXISTS (SELECT subscribed from subscription where subscriber = '.intval($sender->id).' and subscribed = id)', 'AND');
+ $recipient->whereAdd("nickname = '" . $recipient->escape($nickname) . "'", 'AND');
if ($recipient->find(true)) {
// XXX: should probably differentiate between profiles with
// the same name by date of most recent update
@@ -1137,8 +1140,8 @@ function common_relative_profile($sender, $nickname, $dt=null)
// Try to find profiles that listen to this profile and that have this nickname
$recipient = new Profile();
// XXX: use a join instead of a subquery
- $recipient->whereAdd('EXISTS (SELECT subscriber from subscription where subscribed = '.$sender->id.' and subscriber = id)', 'AND');
- $recipient->whereAdd("nickname = '" . trim($nickname) . "'", 'AND');
+ $recipient->whereAdd('EXISTS (SELECT subscriber from subscription where subscribed = '.intval($sender->id).' and subscriber = id)', 'AND');
+ $recipient->whereAdd("nickname = '" . $recipient->escape($nickname) . "'", 'AND');
if ($recipient->find(true)) {
// XXX: should probably differentiate between profiles with
// the same name by date of most recent update