Commit 0bd25284 authored by Steven Wittens's avatar Steven Wittens

- Fixed security issue: unchecked form-data in a db-query (line 82)

- Fixed bug: the module now checks only against other *stories* (instead of nodes) with the same title.
parent 534c00f9
...@@ -79,7 +79,7 @@ function story_form($edit = array()) { ...@@ -79,7 +79,7 @@ function story_form($edit = array()) {
$output .= "<INPUT TYPE=\"hidden\" NAME=\"edit[nid]\" VALUE=\"$edit[nid]\">\n"; $output .= "<INPUT TYPE=\"hidden\" NAME=\"edit[nid]\" VALUE=\"$edit[nid]\">\n";
} }
$duplicate = db_result(db_query("SELECT COUNT(nid) FROM node WHERE title = '$title'")); $duplicate = db_result(db_query("SELECT COUNT(nid) FROM node WHERE title = '". check_input($title) ."' AND type = 'story'"));
if (!$edit) { if (!$edit) {
$output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"". t("Preview") ."\">\n"; $output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"". t("Preview") ."\">\n";
......
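Review bot: The rewritten query on line 82 still builds SQL by string concatenation, so its safety rests entirely on `check_input()` escaping single quotes and backslashes for the database layer; `check_input` is not visible in this hunk, and if it is an HTML or whitespace filter rather than an SQL escaper, the injection this commit claims to fix remains. If a dedicated SQL-escaping helper exists in this codebase, call it here instead, or at least pin the assumption with a comment such as `// relies on check_input() escaping quotes/backslashes for SQL -- the only guard against injection here`. Separately, the hidden `edit[nid]` field two lines above shows this form also edits existing stories, in which case the COUNT presumably includes the story being edited and an unchanged title would read as a duplicate; excluding it, e.g. `AND nid != ". (int) $edit[nid]`, would avoid that if `$duplicate` drives a warning or block. story_form() starts and ends outside this hunk, and where `$title` is assigned is not visible, so the above is inferred from the shown lines.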
...@@ -79,7 +79,7 @@ function story_form($edit = array()) { ...@@ -79,7 +79,7 @@ function story_form($edit = array()) {
$output .= "<INPUT TYPE=\"hidden\" NAME=\"edit[nid]\" VALUE=\"$edit[nid]\">\n"; $output .= "<INPUT TYPE=\"hidden\" NAME=\"edit[nid]\" VALUE=\"$edit[nid]\">\n";
} }
$duplicate = db_result(db_query("SELECT COUNT(nid) FROM node WHERE title = '$title'")); $duplicate = db_result(db_query("SELECT COUNT(nid) FROM node WHERE title = '". check_input($title) ."' AND type = 'story'"));
if (!$edit) { if (!$edit) {
$output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"". t("Preview") ."\">\n"; $output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"". t("Preview") ."\">\n";
......