[Koha-bugs] [Bug 10590] in opac-topissues limit param is not protected
bugzilla-daemon at bugs.koha-community.org
Mon Jul 15 15:59:15 CEST 2013
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=10590
--- Comment #2 from Robin Sheat <robin at catalyst.net.nz> ---
I'm unable to reproduce this, anything following ';' is stripped off. However,
if you replace ; with %3B, then it gets through. However, adding e.g.
'%3Btruncate+test%3B' to the end of limit does give me a query that finishes
like:
GROUP BY biblio.biblionumber
HAVING tot >0
ORDER BY tot DESC
LIMIT 15;truncate test;
which isn't ideal.
Running this gives me:
DBD::mysql::st execute failed: You have an error in your SQL syntax; check the
manual that corresponds to your MySQL server version for the right syntax to
use near 'truncate test' at line 14 at
/mnt/catalyst/koha/opac/opac-topissues.pl line 117.
and I don't fully know why.
This said, this shouldn't be possible. I don't think your patch goes far enough
though: the $limit should be replaced by a '?' as well as being filtered. I'll
test your patch and make a followup with that.
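The following is an added example, not code from Koha or from this thread, showing the two-part fix the comment calls for: validate the limit parameter as a small positive integer and bind it with a placeholder instead of pasting it into the SQL text. It is written in Python against an in-memory SQLite database rather than Koha's Perl/DBI and MySQL, because the pattern is the same; the table and column names, the default of 10 and the cap of 100 are assumptions, and the rows are constructed test data.

```python
import re
import sqlite3
from urllib.parse import unquote_plus

DEFAULT_LIMIT = 10   # assumed default; the thread does not state Koha's
MAX_LIMIT = 100      # assumed upper bound on how many titles a caller may ask for


def decode_param(raw_query_value):
    """CGI-style decoding of one query-string value: '%3B' becomes ';' and '+' a space.
    This is the step that lets the encoded payload in the comment reach the query."""
    return unquote_plus(raw_query_value)


def build_unsafe_query(limit_param):
    """The pattern the comment describes: the decoded parameter is interpolated
    straight into the SQL text, so anything after a ';' rides along."""
    return (
        "SELECT b.biblionumber, b.title, COUNT(i.issue_id) AS tot "
        "FROM biblio b JOIN issues i ON i.biblionumber = b.biblionumber "
        "GROUP BY b.biblionumber HAVING tot > 0 ORDER BY tot DESC "
        f"LIMIT {limit_param}"
    )


def parse_limit(raw, default=DEFAULT_LIMIT, maximum=MAX_LIMIT):
    """Accept only a plain ASCII decimal integer in [1, maximum]; fall back to the
    default for anything else (empty, negative, non-numeric, or oversized)."""
    if raw is None:
        return default
    value = raw.strip()
    if not re.fullmatch(r"[0-9]{1,6}", value):
        return default
    n = int(value)
    if n < 1 or n > maximum:
        return default
    return n


# The hardened form: LIMIT takes a bound parameter, never interpolated text.
SAFE_QUERY = """
SELECT b.biblionumber, b.title, COUNT(i.issue_id) AS tot
FROM biblio b JOIN issues i ON i.biblionumber = b.biblionumber
GROUP BY b.biblionumber
HAVING tot > 0
ORDER BY tot DESC
LIMIT ?
"""


def build_demo_db():
    """Constructed sample data: three titles with 2, 3 and 1 checkouts respectively."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        "CREATE TABLE biblio (biblionumber INTEGER PRIMARY KEY, title TEXT);"
        "CREATE TABLE issues (issue_id INTEGER PRIMARY KEY, biblionumber INTEGER);"
    )
    conn.executemany("INSERT INTO biblio VALUES (?, ?)",
                     [(1, "Alpha"), (2, "Beta"), (3, "Gamma")])
    conn.executemany("INSERT INTO issues VALUES (?, ?)",
                     [(1, 2), (2, 2), (3, 2), (4, 1), (5, 1), (6, 3)])
    return conn


def top_issues(conn, raw_limit):
    """Run the top-issues query with a validated, bound limit.
    Returns [(title, checkout_count), ...] ordered by count descending."""
    limit = parse_limit(raw_limit)
    cur = conn.execute(SAFE_QUERY, (limit,))
    return [(title, tot) for _, title, tot in cur.fetchall()]


if __name__ == "__main__":
    conn = build_demo_db()
    payload = decode_param("15%3Btruncate+test%3B")   # the value from the comment
    print(build_unsafe_query(payload))                  # ends with 'LIMIT 15;truncate test;'
    print(top_issues(conn, payload))                    # rejected -> default limit, plain SELECT only
    print(top_issues(conn, "2"))
```

With the placeholder in place the database driver sees only a single SELECT and one integer value, so a stray `;` in the parameter can no longer change the statement; the integer check on top of that keeps a non-numeric value from ever reaching the driver, which matters for drivers that would otherwise bind it as a quoted string and fail on `LIMIT '15'`.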