From e3f9e5371ac612a1b99f02e8d55b398bef582959 Mon Sep 17 00:00:00 2001 From: Chris Morgan Date: Tue, 27 Jun 2006 19:16:27 +0000 Subject: [PATCH] Use query_parameters() in SQL select, update and delete statements to protect against sql injection attacks --- addcomment.php | 3 +- admin/addAppNote.php | 4 +- admin/addCategory.php | 18 +-- admin/adminAppDataQueue.php | 2 +- admin/adminAppQueue.php | 20 +-- admin/adminBugs.php | 14 +- admin/adminCommentView.php | 8 +- admin/adminMaintainerQueue.php | 11 +- admin/adminMaintainers.php | 6 +- admin/adminScreenshots.php | 6 +- admin/adminUsers.php | 9 +- admin/editAppFamily.php | 3 +- admin/editAppVersion.php | 3 +- admin/editBundle.php | 10 +- admin/moveAppVersion.php | 2 +- appimage.php | 7 +- appsubmit.php | 16 +-- appview.php | 7 +- distributionView.php | 3 +- include/appdb.php | 12 +- include/application.php | 58 +++++---- include/bugs.php | 21 +-- include/category.php | 28 ++-- include/comment.php | 27 ++-- include/db.php | 13 +- include/distributions.php | 83 +++++++----- include/incl.php | 18 ++- include/maintainer.php | 14 +- include/monitor.php | 2 +- include/note.php | 18 +-- include/screenshot.php | 75 ++++++----- include/session.php | 13 +- include/tableve.php | 6 +- include/testResults.php | 59 +++++---- include/url.php | 28 ++-- include/user.php | 226 +++++++++++++++++++-------------- include/util.php | 64 +++++----- include/vendor.php | 20 +-- include/version.php | 78 ++++++------ include/vote.php | 17 +-- index.php | 2 +- preferences.php | 2 +- vendorview.php | 3 +- viewScreenshots.php | 7 +- viewbugs.php | 18 +-- votestats.php | 22 ++-- 46 files changed, 602 insertions(+), 484 deletions(-) diff --git a/addcomment.php b/addcomment.php index 7b229c5..a25eb7b 100644 --- a/addcomment.php +++ b/addcomment.php 
@@ -58,7 +58,8 @@ else if($aClean['thread'] > 0) { - $hResult = query_appdb("SELECT * FROM appComments WHERE commentId = ".$aClean['thread']); + $hResult = query_parameters("SELECT * FROM appComments WHERE commentId = '?'", + $aClean['thread']); $oRow = mysql_fetch_object($hResult); if($oRow) { diff --git a/admin/addAppNote.php b/admin/addAppNote.php index acd23b0..83a143a 100644 --- a/admin/addAppNote.php +++ b/admin/addAppNote.php @@ -18,8 +18,8 @@ $aClean['noteTitle'] = makeSafe($_REQUEST['noteTitle']); $aClean['noteDesc'] = makeSafe($_REQUEST['noteDesc']); //FIXME: get rid of appId references everywhere, as version is enough. -$sQuery = "SELECT appId FROM appVersion WHERE versionId = '".$aClean['versionId']."'"; -$hResult = query_appdb($sQuery); +$sQuery = "SELECT appId FROM appVersion WHERE versionId = '?'"; +$hResult = query_parameters($sQuery, $aClean['versionId']); $oRow = mysql_fetch_object($hResult); $appId = $oRow->appId; diff --git a/admin/addCategory.php b/admin/addCategory.php index c1e457b..95647f0 100644 --- a/admin/addCategory.php +++ b/admin/addCategory.php @@ -24,15 +24,15 @@ if($aClean['submit']) } else { -apidb_header("Add Category"); -$sQuery = "SELECT catId, catName FROM appCategory WHERE catId!='".$aClean['catId']."'"; -$hResult = query_appdb($sQuery); -while($oRow = mysql_fetch_object($hResult)) -{ - $aCatsIds[]=$oRow->catId; - $aCatsNames[]=$oRow->catName; -} -echo "
+ apidb_header("Add Category"); + $sQuery = "SELECT catId, catName FROM appCategory WHERE catId!='?'"; + $hResult = query_parameters($sQuery, $aClean['catId']); + while($oRow = mysql_fetch_object($hResult)) + { + $aCatsIds[]=$oRow->catId; + $aCatsNames[]=$oRow->catName; + } + echo " iCatId."\" /> diff --git a/admin/adminAppDataQueue.php b/admin/adminAppDataQueue.php index ada8db2..1a3ee23 100644 --- a/admin/adminAppDataQueue.php +++ b/admin/adminAppDataQueue.php @@ -178,7 +178,7 @@ if (!$aClean['id']) $statusMessage = "

The application data was successfully added into the database

\n"; //delete the item from the queue - query_appdb("DELETE from appData where id = ".$obj_row->id.";"); + query_parameters("DELETE from appData where id = '?'", $obj_row->id); //Send Status Email $oUser = new User($obj_row->userId); diff --git a/admin/adminAppQueue.php b/admin/adminAppQueue.php index 193697d..b929afe 100644 --- a/admin/adminAppQueue.php +++ b/admin/adminAppQueue.php @@ -54,7 +54,9 @@ function outputSearchTableForDuplicateFlagging($currentAppId, $hResult) $bgcolor = ($c % 2) ? 'color0' : 'color1'; //count versions - $query = query_appdb("SELECT count(*) as versions FROM appVersion WHERE appId = $ob->appId AND versionName != 'NONAME'"); + $query = query_parameters("SELECT count(*) as versions FROM appVersion WHERE ". + "appId = '?' AND versionName != 'NONAME'", + $ob->appId); $y = mysql_fetch_object($query); //display row @@ -151,8 +153,7 @@ if ($aClean['sub']) // if we are processing a queued application there MUST be an implicitly queued // version to go along with it. - $sQuery = "Select versionId from appVersion where appId='".$aClean['appId']."';"; - $hResult = query_appdb($sQuery); + $hResult = query_parameters("SELECT versionId from appVersion where appId='?';", $aClean['appId']); $oRow = mysql_fetch_object($hResult); $oVersion = new Version($oRow->versionId); @@ -175,8 +176,8 @@ if ($aClean['sub']) } // Get the Testing results if they exist - $sQuery = "Select testingId from testResults where versionId='".$oVersion->iVersionId."';"; - $hResult = query_appdb($sQuery); + + $hResult = query_parameters("SELECT testingId from testResults where versionId='?'", $oVersion->iVersionId); if($hResult) { $oRow = mysql_fetch_object($hResult); @@ -234,7 +235,7 @@ if ($aClean['sub']) { if(is_numeric($aClean['versionIdMergeTo'])) { - // move this Test submission under the existing version // + // move this Test submission under the existing version $oTest->iVersionId = $aClean['versionIdMergeTo']; $oTest->update(); 
@@ -358,8 +359,8 @@ if ($aClean['sub']) if(!$iVendorId) { $sVendor = get_vendor_from_keywords($oApp->sKeywords); - $sQuery = "SELECT vendorId FROM vendor WHERE vendorname = '".$sVendor."';"; - $hResult = query_appdb($sQuery); + $hResult = query_parameters("SELECT vendorId FROM vendor WHERE vendorname = '?'", + $sVendor); if($hResult) { $oRow = mysql_fetch_object($hResult); @@ -372,8 +373,7 @@ if ($aClean['sub']) */ if(!$iVendorId) { - $sQuery = "select * from vendor where vendorname like '%".$sVendor."%';"; - $hResult = query_appdb($sQuery); + $hResult = query_parameters("SELECT * from vendor where vendorname like '%?%'", $sVendor); if($hResult) { $oRow = mysql_fetch_object($hResult); diff --git a/admin/adminBugs.php b/admin/adminBugs.php index 3259f2b..da98d8a 100644 --- a/admin/adminBugs.php +++ b/admin/adminBugs.php @@ -117,16 +117,6 @@ if ($aClean['sub']) AND buglinks.versionId = appVersion.versionId AND buglinks.bug_id = ".BUGZILLA_DB.".bugs.bug_id"; } - $sQuery = "SELECT appFamily.description as appDescription, - appFamily.appName as appName, appVersion.*, - buglinks.versionId as versionId, - buglinks.bug_id as bug_id, - buglinks.linkId as linkId, - buglinks.queued as queued, - bugs.* - FROM appFamily, appVersion, buglinks, bugs.bugs - ".$sWhere." - ORDER BY buglinks.bug_id, appName, versionName"; $sQuery = "SELECT appFamily.description as appDescription, appFamily.appName as appName, appVersion.*, buglinks.versionId as versionId, @@ -137,11 +127,11 @@ if ($aClean['sub']) FROM appFamily, appVersion, buglinks, bugs.bugs ".$sWhere." ORDER BY buglinks.bug_id, appName, versionName - LIMIT ".$offset.", ".$ItemsPerPage.";"; + LIMIT ".mysql_real_escape_string($offset).", ".mysql_real_escape_string($ItemsPerPage).";"; $c = 0; - if($hResult = query_appdb($sQuery)) + if($hResult = query_parameters($sQuery)) { while($oRow = mysql_fetch_object($hResult)) { diff --git a/admin/adminCommentView.php b/admin/adminCommentView.php index 749ece8..ce15aaf 100644 
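Review bot: `mysql_real_escape_string()` gives no protection in the unquoted `LIMIT` clause on the new line, because it only rewrites quote, backslash and NUL characters, so a value such as `1 UNION SELECT ...` passes through unchanged. Both values must be integers anyway, so cast them: `LIMIT ".(int)$offset.", ".(int)$ItemsPerPage.";"`. The query also carries `$sWhere`, which is built by string concatenation above this hunk, so `query_parameters($sQuery)` with no bound values only protects as much as the inputs to `$sWhere` were already validated; that code lies outside the hunk. The enclosing `if ($aClean['sub'])` block starts before the hunk.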
--- a/admin/adminCommentView.php +++ b/admin/adminCommentView.php @@ -60,14 +60,14 @@ echo ""; /* query for all of the commentId's, ordering by their time in reverse order */ $offset = (($currentPage-1) * $ItemsPerPage); -$commentIds = query_appdb("SELECT commentId from appComments ORDER BY ". - "appComments.time ASC LIMIT $offset, $ItemsPerPage;"); +$commentIds = query_parameters("SELECT commentId from appComments ORDER BY ". + "appComments.time ASC LIMIT ?, ?", $offset, $ItemsPerPage); while ($ob = mysql_fetch_object($commentIds)) { $sQuery = "SELECT from_unixtime(unix_timestamp(time), \"%W %M %D %Y, %k:%i\") as time, ". "commentId, parentId, versionId, userid, subject, body ". - "FROM appComments WHERE commentId = $ob->commentId;"; - $hResult = query_appdb($sQuery); + "FROM appComments WHERE commentId = '?'"; + $hResult = query_parameters($sQuery, $ob->commentId); /* call view_app_comment to display the comment */ $comment_ob = mysql_fetch_object($hResult); view_app_comment($comment_ob); diff --git a/admin/adminMaintainerQueue.php b/admin/adminMaintainerQueue.php index d651cf9..b6fc639 100644 --- a/admin/adminMaintainerQueue.php +++ b/admin/adminMaintainerQueue.php @@ -33,8 +33,8 @@ if ($aClean['sub']) $sQuery = "SELECT queueId, appId, versionId,". "userId, maintainReason, superMaintainer,". "UNIX_TIMESTAMP(submitTime) as submitTime ". - "FROM appMaintainerQueue WHERE queueId = ".$aClean['queueId'].";"; - $hResult = query_appdb($sQuery); + "FROM appMaintainerQueue WHERE queueId = '?'"; + $hResult = query_parameters($sQuery, $aClean['queueId']); $oRow = mysql_fetch_object($hResult); $oUser = new User($oRow->userId); mysql_free_result($hResult); 
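Review bot: `LIMIT ?, ?` on the new line puts placeholders in a position where neither quoting nor escaping helps: if `query_parameters()` wraps values in quotes, MySQL rejects `LIMIT '0', '25'` as a syntax error, and if it only escapes them, a non-numeric value is injected verbatim (I cannot see `query_parameters()` from here). The robust form is to cast before building the query, `"... LIMIT ".(int)$offset.", ".(int)$ItemsPerPage`, or to reject both values with `is_numeric()` first. The same pattern appears in the second hunk of admin/adminScreenshots.php. The second query in this hunk, `WHERE commentId = '?'`, is fine since the value comes from the preceding result set.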
@@ -209,8 +209,9 @@ if ($aClean['sub']) } //delete main item - $sQuery = "DELETE from appMaintainerQueue where queueId = ".$aClean['queueId'].";"; - $hResult = query_appdb($sQuery,"unable to delete selected maintainer application"); + $sQuery = "DELETE from appMaintainerQueue where queueId = '?'"; + $hResult = query_parameters($sQuery, $aClean['queueId']); + if(!$hResult) addmsg("unable to delete selected maintainer application", "red"); echo html_frame_start("Delete maintainer application",400,"",0); if($hResult) { @@ -237,7 +238,7 @@ if ($aClean['sub']) "superMaintainer,". "submitTime as submitTime ". "from appMaintainerQueue;"; - $hResult = query_appdb($sQuery); + $hResult = query_parameters($sQuery); if(!$hResult || !mysql_num_rows($hResult)) { diff --git a/admin/adminMaintainers.php b/admin/adminMaintainers.php index 1385f50..cfe5108 100644 --- a/admin/adminMaintainers.php +++ b/admin/adminMaintainers.php @@ -28,8 +28,8 @@ if ($aClean['sub']) { if($aClean['sub'] == 'delete') { - $sQuery = "DELETE FROM appMaintainers WHERE maintainerId = ".$aClean['maintainerId'].";"; - $hResult = query_appdb($sQuery); + $sQuery = "DELETE FROM appMaintainers WHERE maintainerId = '?'"; + $hResult = query_parameters($sQuery, $aClean['maintainerId']); echo html_frame_start("Delete maintainer: ".$aClean['maintainerId'],400,"",0); if($hResult) { @@ -44,7 +44,7 @@ if ($aClean['sub']) // get available maintainers $sQuery = "SELECT * FROM appMaintainers, user_list where appMaintainers.userId = user_list.userid"; $sQuery.= " ORDER BY realname;"; - $hResult = query_appdb($sQuery); + $hResult = query_parameters($sQuery); if(!$hResult || !mysql_num_rows($hResult)) { diff --git a/admin/adminScreenshots.php b/admin/adminScreenshots.php index 7ac0770..3102343 100644 --- a/admin/adminScreenshots.php +++ b/admin/adminScreenshots.php 
@@ -50,7 +50,7 @@ apidb_header("Screenshots"); if($aClean['regenerate']) { $sQuery = "SELECT id FROM appData WHERE type = 'image'"; - $hResult = query_appdb($sQuery); + $hResult = query_parameters($sQuery); while($oRow = mysql_fetch_object($hResult)) { echo "REGENERATING IMAGE ".$oRow->id."
"; @@ -113,9 +113,9 @@ echo ""; echo ""; /* query for all of the Screenshots in assending order */ -$Ids = query_appdb("SELECT * from appData +$Ids = query_parameters("SELECT * from appData WHERE type = 'image' - ORDER BY id ASC LIMIT $offset, $ItemsPerPage;"); + ORDER BY id ASC LIMIT ?, ?", $offset, $ItemsPerPage); $c = 1; echo "
\n"; while ($oRow = mysql_fetch_object($Ids)) diff --git a/admin/adminUsers.php b/admin/adminUsers.php index 89bc010..fe35633 100644 --- a/admin/adminUsers.php +++ b/admin/adminUsers.php @@ -84,10 +84,11 @@ if($aClean['sSubmit']) { $sSearch = $aClean['sSearch']; $sQuery = "SELECT * FROM user_list - WHERE realname LIKE '%".$sSearch."%' OR email LIKE '%".$sSearch."%' - ORDER BY ".$aClean['sOrderBy']." - LIMIT ".$aClean['iLimit']; - $hResult = query_appdb($sQuery); + WHERE realname LIKE '%?%' OR email LIKE '%?%' + ORDER BY ? + LIMIT ?"; + $hResult = query_parameters($sQuery, $sSearch, $sSearch, $aClean['sOrderBy'], + $aClean['iLimit']); $i=0; while($hResult && $oRow = mysql_fetch_object($hResult)) { diff --git a/admin/editAppFamily.php b/admin/editAppFamily.php index b3b7932..14ee443 100644 --- a/admin/editAppFamily.php +++ b/admin/editAppFamily.php @@ -67,7 +67,8 @@ else echo '
',"\n"; $i = 0; - $hResult = query_appdb("SELECT * FROM appData WHERE appId = $oApp->iAppId AND type = 'url' AND versionId = 0"); + $hResult = query_parameters("SELECT * FROM appData WHERE appId = '?' AND type = 'url' AND versionId = 0", + $oApp->iAppId); if($hResult && mysql_num_rows($hResult) > 0) { echo '
Delete',"\n"; diff --git a/admin/editAppVersion.php b/admin/editAppVersion.php index b3b00aa..77dc46a 100644 --- a/admin/editAppVersion.php +++ b/admin/editAppVersion.php @@ -59,7 +59,8 @@ if(!empty($aClean['submit'])) echo '',"\n"; $i = 0; - $hResult = query_appdb("SELECT * FROM appData WHERE versionId = ".$oVersion->iVersionId." AND type = 'url'"); + $hResult = query_parameters("SELECT * FROM appData WHERE versionId = '?' AND type = 'url'", + $oVersion->iVersionId); if($hResult && mysql_num_rows($hResult) > 0) { echo '
Delete',"\n"; diff --git a/admin/editBundle.php b/admin/editBundle.php index 5806d10..ca5298e 100644 --- a/admin/editBundle.php +++ b/admin/editBundle.php @@ -11,7 +11,7 @@ if(!$_SESSION['current']->hasPriv("admin")) function build_app_list() { - $hResult = query_appdb("SELECT appId, appName FROM appFamily ORDER BY appName"); + $hResult = query_parameters("SELECT appId, appName FROM appFamily ORDER BY appName"); echo "\n\n"; diff --git a/admin/moveAppVersion.php b/admin/moveAppVersion.php index 459f35a..6621a7e 100644 --- a/admin/moveAppVersion.php +++ b/admin/moveAppVersion.php @@ -55,7 +55,7 @@ if(!empty($aClean['action'])) // although this cheaper select leaves out all applications that lack versions $sQuery = "select appName, appFamily.appId, versionName, versionId from appFamily left join appVersion "; $sQuery.= "on appVersion.appId = appFamily.appId ORDER BY appFamily.appName, appFamily.appId, appVersion.versionName;"; - $hResult = query_appdb($sQuery); + $hResult = query_parameters($sQuery); $currentAppId = 0; while($oRow = mysql_fetch_object($hResult)) { diff --git a/appimage.php b/appimage.php index dd58b34..b3dc05e 100644 --- a/appimage.php +++ b/appimage.php @@ -33,10 +33,9 @@ if ($aClean['REQUEST_METHOD']='HEAD') errorpage("Bad parameter"); exit; } - $sQuery = "SELECT id, url FROM appData - WHERE id = ".$iId." - AND type = 'image' LIMIT 1"; - $hResult = query_appdb($sQuery); + $hResult = query_parameters("SELECT id, url FROM appData + WHERE id = '?' + AND type = 'image' LIMIT 1", $iId); $fImage = 0; if($hResult) { diff --git a/appsubmit.php b/appsubmit.php index 96fd174..f2c23b9 100644 --- a/appsubmit.php +++ b/appsubmit.php 
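Review bot: the function-context line of this hunk, `if ($aClean['REQUEST_METHOD']='HEAD')`, is an assignment rather than a comparison, so the condition is always true and every request takes that branch; the line is outside the changed lines but deserves fixing in the same file as `if ($aClean['REQUEST_METHOD'] == 'HEAD')`. The new `query_parameters()` call binds `$iId` correctly, and the `Bad parameter` check just above it already rejects unusable ids.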
@@ -82,8 +82,8 @@ if ($aClean['sub']) // version to go along with it. Find this version so we can display its information // during application processing so the admin can make a better choice about // whether to accept or reject the overall application - $sQuery = "Select versionId from appVersion where appId='".$aClean['appId']."';"; - $hResult = query_appdb($sQuery); + $hResult = query_parameters("Select versionId from appVersion where appId='?'", + $aClean['appId']); $oRow = mysql_fetch_object($hResult); // make sure the user has permission to view this version @@ -123,8 +123,8 @@ if ($aClean['sub']) } // Get the Testing results if they exist - $sQuery = "Select testingId from testResults where versionId='".$oVersion->iVersionId."';"; - $hResult = query_appdb($sQuery); + $hResult = query_parameters("Select testingId from testResults where versionId = '?'", + $oVersion->iVersionId); if($hResult) { $oRow = mysql_fetch_object($hResult); @@ -222,8 +222,8 @@ if ($aClean['sub']) { // get the queued versions that refers to the application entry we just removed // and delete them as we implicitly added a version entry when adding a new application - $sQuery = "SELECT versionId FROM appVersion WHERE appVersion.appId = '".$aClean['appId']."' AND appVersion.queued = 'rejected';"; - $hResult = query_appdb($sQuery); + $hResult = query_parameters("SELECT versionId FROM appVersion WHERE appVersion.appId = '?' + AND appVersion.queued = 'rejected';", $aClean['appId']); if($hResult) { while($oRow = mysql_fetch_object($hResult)) @@ -300,8 +300,8 @@ if ($aClean['sub']) // try for a partial match if(!$iVendorId) { - $sQuery = "select * from vendor where vendorname like '%".$aClean['appVendorName']."%';"; - $hResult = query_appdb($sQuery); + $hResult = query_parameters("select * from vendor where vendorname like '%?%'", + $aClean['appVendorName']); if($hResult) { $oRow = mysql_fetch_object($hResult); diff --git a/appview.php b/appview.php index 3c4ef8a..479a3e8 100644 
--- a/appview.php +++ b/appview.php @@ -44,11 +44,12 @@ function display_catpath($catId, $appId, $versionId = '') /** * display the SUB apps that belong to this app */ -function display_bundle($appId) +function display_bundle($iAppId) { $oApp = new Application($appId); - $hResult = query_appdb("SELECT appFamily.appId, appName, description FROM appBundle, appFamily ". - "WHERE appFamily.queued='false' AND bundleId = $appId AND appBundle.appId = appFamily.appId"); + $hResult = query_parameters("SELECT appFamily.appId, appName, description FROM appBundle, appFamily ". + "WHERE appFamily.queued='false' AND bundleId = '?' AND appBundle.appId = appFamily.appId", + $iAppId); if(!$hResult || mysql_num_rows($hResult) == 0) { return; // do nothing diff --git a/distributionView.php b/distributionView.php index bd5355e..178e781 100644 --- a/distributionView.php +++ b/distributionView.php @@ -40,8 +40,7 @@ if(!$oDistribution->iDistributionId) apidb_header("View Distributions"); //get available Distributions - $sQuery = "SELECT distributionId FROM distributions ORDER BY name, distributionId;"; - $hResult = query_appdb($sQuery); + $hResult = query_parameters("SELECT distributionId FROM distributions ORDER BY name, distributionId;"); // show Distribution list echo html_frame_start("","90%","",0); diff --git a/include/appdb.php b/include/appdb.php index 57371ad..a4eecf5 100644 --- a/include/appdb.php +++ b/include/appdb.php 
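Review bot: `$oApp = new Application($appId);` still uses the old parameter name after the signature was changed to `display_bundle($iAppId)`, so `$appId` is undefined there and `Application` is constructed with null; the line should read `$oApp = new Application($iAppId);`. The query itself now binds `$iAppId` correctly. The rest of `display_bundle()` continues outside the hunk, so any other use of `$appId` in it needs the same rename.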
@@ -4,11 +4,13 @@ function log_category_visit($catId) { global $REMOTE_ADDR; - $result = query_appdb("SELECT * FROM catHitStats WHERE ip = '$REMOTE_ADDR' AND catId = $catId"); + $result = query_parameters("SELECT * FROM catHitStats WHERE ip = '?' AND catId = '?'", + $REMOTE_ADDR, $catId); if($result && mysql_num_rows($result) == 1) { $stats = mysql_fetch_object($result); - query_appdb("UPDATE catHitStats SET count = count + 1 WHERE catHitId = $stats->catHitId"); + query_parameters("UPDATE catHitStats SET count = count + 1 WHERE catHitId = '?'", + $stats->catHitId); } else { query_parameters("INSERT INTO catHitStats (appHitId, time, ip, catId, count) ". @@ -21,11 +23,13 @@ function log_application_visit($appId) { global $REMOTE_ADDR; - $result = query_appdb("SELECT * FROM appHitStats WHERE ip = '$REMOTE_ADDR' AND appId = $appId"); + $result = query_parameters("SELECT * FROM appHitStats WHERE ip = '?' AND appId = '?'", + $REMOTE_ADDR, $appId); if($result && mysql_num_rows($result) == 1) { $stats = mysql_fetch_object($result); - query_appdb("UPDATE appHitStats SET count = count + 1 WHERE appHitId = $stats->appHitId"); + query_parameters("UPDATE appHitStats SET count = count + 1 WHERE appHitId = '?'", + $stats->appHitId); } else { query_parameters("INSERT INTO appHitStats (appHitId, time, ip, appId, count) ". diff --git a/include/application.php b/include/application.php index bf6fa47..10e0632 100644 --- a/include/application.php +++ b/include/application.php @@ -37,8 +37,8 @@ class Application { /* fetch this applications information */ $sQuery = "SELECT * FROM appFamily - WHERE appId = ".$iAppId; - if($hResult = query_appdb($sQuery)) + WHERE appId = '?'"; + if($hResult = query_parameters($sQuery, $iAppId)) { $oRow = mysql_fetch_object($hResult); $this->iAppId = $iAppId; 
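Review bot: the value bound for `ip` comes from `global $REMOTE_ADDR`, which only exists when register_globals is on, so with it off the `ip` column is logged empty and the `UPDATE` path is never reached; parameterising the query does not change that. Read the address explicitly at the top of the function, `$sIp = $_SERVER['REMOTE_ADDR'];`, and bind `$sIp` instead. The same applies to `log_application_visit()` in the second hunk of this file.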
@@ -62,14 +62,14 @@ class Application { if($_SESSION['current']->hasPriv("admin")) { $sQuery = "SELECT versionId FROM appVersion WHERE - appId =".$this->iAppId; + appId = '?'"; } else { $sQuery = "SELECT versionId FROM appVersion WHERE queued = 'false' AND - appId =".$this->iAppId; + appId = '?'"; } - if($hResult = query_appdb($sQuery)) + if($hResult = query_parameters($sQuery, $this->iAppId)) { while($oRow = mysql_fetch_object($hResult)) { @@ -85,9 +85,9 @@ class Application { $sQuery = "SELECT id FROM appData WHERE type = 'url' - AND appId = ".$iAppId; + AND appId = '?'"; - if($hResult = query_appdb($sQuery)) + if($hResult = query_parameters($sQuery, $iAppId)) { while($oRow = mysql_fetch_object($hResult)) { @@ -149,7 +149,8 @@ class Application { if ($this->sName && ($this->sName!=$oApp->sName)) { $sUpdate = compile_update_string(array('appName' => $this->sName)); - if (!query_appdb("UPDATE appFamily SET ".$sUpdate." WHERE appId = ".$this->iAppId)) + if (!query_parameters("UPDATE appFamily SET ".$sUpdate." WHERE appId = '?'", + $this->iAppId)) return false; $sWhatChanged .= "Name was changed from ".$oApp->sName." to ".$this->sName.".\n\n"; } @@ -157,7 +158,8 @@ class Application { if ($this->sDescription && ($this->sDescription!=$oApp->sDescription)) { $sUpdate = compile_update_string(array('description' => $this->sDescription)); - if (!query_appdb("UPDATE appFamily SET ".$sUpdate." WHERE appId = ".$this->iAppId)) + if (!query_parameters("UPDATE appFamily SET ".$sUpdate." WHERE appId = '?'", + $this->iAppId)) return false; $sWhatChanged .= "Description was changed from\n ".$oApp->sDescription."\n to \n".$this->sDescription.".\n\n"; } 
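Review bot: `"UPDATE appFamily SET ".$sUpdate." WHERE appId = '?'"` concatenates the already-escaped column value into the query text before `query_parameters()` sees it, so if that function locates placeholders by scanning the whole string, a literal `?` inside an application name would be taken as a placeholder and `$this->iAppId` would be bound to the wrong position — I cannot see `query_parameters()` from here, so please confirm it is robust against `?` in the SQL text. The safer form binds the column value too, `query_parameters("UPDATE appFamily SET appName = '?' WHERE appId = '?'", $this->sName, $this->iAppId)`, and drops `compile_update_string()` from this path. The same construction is used in the following hunks of this file (description, keywords, webPage, vendorId, catId, queued) and with `$sUpdate` in include/bugs.php.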
@@ -165,7 +167,8 @@ class Application { if ($this->sKeywords && ($this->sKeywords!=$oApp->sKeywords)) { $sUpdate = compile_update_string(array('keywords' => $this->sKeywords)); - if (!query_appdb("UPDATE appFamily SET ".$sUpdate." WHERE appId = ".$this->iAppId)) + if (!query_parameters("UPDATE appFamily SET ".$sUpdate." WHERE appId = '?'", + $this->iAppId)) return false; $sWhatChanged .= "Keywords were changed from\n ".$oApp->sKeywords."\n to \n".$this->sKeywords.".\n\n"; } @@ -173,7 +176,8 @@ class Application { if ($this->sWebpage && ($this->sWebpage!=$oApp->sWebpage)) { $sUpdate = compile_update_string(array('webPage' => $this->sWebpage)); - if (!query_appdb("UPDATE appFamily SET ".$sUpdate." WHERE appId = ".$this->iAppId)) + if (!query_parameters("UPDATE appFamily SET ".$sUpdate." WHERE appId = '?'", + $this->iAppId)) return false; $sWhatChanged .= "Web page was changed from ".$oApp->sWebpage." to ".$this->sWebpage.".\n\n"; } @@ -181,7 +185,8 @@ class Application { if ($this->iVendorId && ($this->iVendorId!=$oApp->iVendorId)) { $sUpdate = compile_update_string(array('vendorId' => $this->iVendorId)); - if (!query_appdb("UPDATE appFamily SET ".$sUpdate." WHERE appId = ".$this->iAppId)) + if (!query_parameters("UPDATE appFamily SET ".$sUpdate." WHERE appId = '?'", + $this->iAppId)) return false; $oVendorBefore = new Vendor($oApp->iVendorId); $oVendorAfter = new Vendor($this->iVendorId); @@ -191,7 +196,8 @@ class Application { if ($this->iCatId && ($this->iCatId!=$oApp->iCatId)) { $sUpdate = compile_update_string(array('catId' => $this->iCatId)); - if (!query_appdb("UPDATE appFamily SET ".$sUpdate." WHERE appId = ".$this->iAppId)) + if (!query_parameters("UPDATE appFamily SET ".$sUpdate." WHERE appId = '?'", + $this->iAppId)) return false; $oCatBefore = new Category($oApp->iCatId); $oCatAfter = new Category($this->iCatId); 
@@ -225,16 +231,16 @@ class Application { } // remove any supermaintainers for this application so we don't orphan them - $sQuery = "DELETE from appMaintainers WHERE appId='".$this->iAppId."';"; - if(!($hResult = query_appdb($sQuery))) + $sQuery = "DELETE from appMaintainers WHERE appId='?'"; + if(!($hResult = query_parameters($sQuery, $this->iAppId))) { addmsg("Error removing app maintainers for the deleted application!", "red"); } $sQuery = "DELETE FROM appFamily - WHERE appId = ".$this->iAppId." + WHERE appId = '?' LIMIT 1"; - if(!($hResult = query_appdb($sQuery))) + if(!($hResult = query_parameters($sQuery, $this->iAppId))) { addmsg("Error deleting application!", "red"); } @@ -256,7 +262,8 @@ class Application { $sUpdate = compile_update_string(array('queued' => "false", 'keywords'=> str_replace(" *** ","",$this->sKeywords) )); - if(query_appdb("UPDATE appFamily SET ".$sUpdate." WHERE appId = ".$this->iAppId)) + if(query_parameters("UPDATE appFamily SET ".$sUpdate." WHERE appId = '?'", + $this->iAppId)) { $this->sQueued = 'false'; // we send an e-mail to intersted people @@ -275,7 +282,8 @@ class Application { return false; $sUpdate = compile_update_string(array('queued' => "rejected")); - if(query_appdb("UPDATE appFamily SET ".$sUpdate." WHERE appId = ".$this->iAppId)) + if(query_parameters("UPDATE appFamily SET ".$sUpdate." WHERE appId = '?'", + $this->iAppId)) { $this->sQueued = 'rejected'; // we send an e-mail to intersted people @@ -292,7 +300,8 @@ class Application { return false; $sUpdate = compile_update_string(array('queued' => "true")); - if(query_appdb("UPDATE appFamily SET ".$sUpdate." WHERE appId = ".$this->iAppId)) + if(query_parameters("UPDATE appFamily SET ".$sUpdate." WHERE appId = '?'", + $this->iAppId)) { $this->sQueued = 'true'; // we send an e-mail to intersted people 
@@ -559,7 +568,8 @@ class Application { echo " \n"; // optional links - $result = query_appdb("SELECT * FROM appData WHERE appId = ".$aClean['appId']." AND versionID = 0 AND type = 'url'"); + $result = query_parameters("SELECT * FROM appData WHERE appId = '?' AND versionID = 0 AND type = 'url'", + $aClean['appId']); if($result && mysql_num_rows($result) > 0) { echo " \n"; // links - $result = query_appdb("SELECT * FROM appData WHERE versionID = ".$this->iVersionId." AND type = 'url'"); + $result = query_parameters("SELECT * FROM appData WHERE versionID = '?' AND type = 'url'", + $this->iVersionId); if($result && mysql_num_rows($result) > 0) { echo "
URL".$appLinkURL."
Links\n"; @@ -662,7 +672,8 @@ class Application { function lookup_version_name($versionId) { if(!$versionId) return null; - $result = query_appdb("SELECT versionName FROM appVersion WHERE versionId = $versionId"); + $result = query_parameters("SELECT versionName FROM appVersion WHERE versionId = '?'", + $versionId); if(!$result || mysql_num_rows($result) != 1) return null; $ob = mysql_fetch_object($result); @@ -673,7 +684,8 @@ function lookup_version_name($versionId) function lookup_app_name($appId) { if(!$appId) return null; - $result = query_appdb("SELECT appName FROM appFamily WHERE appId = $appId"); + $result = query_parameters("SELECT appName FROM appFamily WHERE appId = '?'", + $appId); if(!$result || mysql_num_rows($result) != 1) return null; $ob = mysql_fetch_object($result); diff --git a/include/bugs.php b/include/bugs.php index 002a762..82df236 100644 --- a/include/bugs.php +++ b/include/bugs.php @@ -31,8 +31,8 @@ class Bug { $sQuery = "SELECT buglinks.*, appVersion.appId AS appId FROM buglinks, appVersion WHERE buglinks.versionId = appVersion.versionId - AND linkid = ".$iLinkId; - if($hResult = query_appdb($sQuery)) + AND linkid = '?'"; + if($hResult = query_parameters($sQuery, $iLinkId)) { $oRow = mysql_fetch_object($hResult); $this->iLinkId = $iLinkId; @@ -98,8 +98,8 @@ class Bug { $sQuery = "SELECT * FROM buglinks - WHERE versionId = ".$iVersionId; - if($hResult = query_appdb($sQuery,"looking for duplicates")) + WHERE versionId = '?'"; + if($hResult = query_parameters($sQuery, $iVersionId)) { while($oRow = mysql_fetch_object($hResult)) { 
@@ -126,9 +126,9 @@ class Bug { $sQuery = "SELECT buglinks.*, appVersion.appId AS appId FROM buglinks, appVersion WHERE buglinks.versionId = appVersion.versionId - AND buglinks.versionId = ".$iVersionId." - AND buglinks.bug_id = ".$iBug_id; - if($hResult = query_appdb($sQuery)) + AND buglinks.versionId = '?' + AND buglinks.bug_id = '?'"; + if($hResult = query_parameters($sQuery, $iVersionId, $iBug_id)) { $oRow = mysql_fetch_object($hResult); $this->bug($oRow->linkId); @@ -152,8 +152,8 @@ class Bug { function delete($bSilent=false) { $sQuery = "DELETE FROM buglinks - WHERE linkId = ".$this->iLinkId; - if($hResult = query_appdb($sQuery)) + WHERE linkId = '?'"; + if($hResult = query_parameters($sQuery, $this->iLinkId)) { if(!$bSilent) $this->SendNotificationMail(true); @@ -176,7 +176,8 @@ class Bug { return false; $sUpdate = compile_update_string(array('queued' => "false")); - if(query_appdb("UPDATE buglinks SET ".$sUpdate." WHERE linkId=".$this->iLinkId)) + if(query_parameters("UPDATE buglinks SET ".$sUpdate." WHERE linkId='?'", + $this->iLinkId)) { $this->bQueued = false; // we send an e-mail to intersted people diff --git a/include/category.php b/include/category.php index 327f8a3..8c54dac 100644 --- a/include/category.php +++ b/include/category.php @@ -28,8 +28,8 @@ class Category { */ $sQuery = "SELECT * FROM appCategory - WHERE catId = ".$iCatId." ORDER BY catName;"; - if($hResult = query_appdb($sQuery)) + WHERE catId = '?' ORDER BY catName;"; + if($hResult = query_parameters($sQuery, $iCatId)) { $oRow = mysql_fetch_object($hResult); $this->iCatId = $iCatId; @@ -44,9 +44,9 @@ class Category { */ $sQuery = "SELECT appId FROM appFamily - WHERE catId = ".$iCatId." + WHERE catId = '?' AND queued = 'false' ORDER BY appName"; - if($hResult = query_appdb($sQuery)) + if($hResult = query_parameters($sQuery, $iCatId)) { while($oRow = mysql_fetch_object($hResult)) { 
@@ -59,8 +59,8 @@ class Category { */ $sQuery = "SELECT catId FROM appCategory - WHERE catParent = ".$iCatId." ORDER BY catName;"; - if($hResult = query_appdb($sQuery)) + WHERE catParent = '?' ORDER BY catName;"; + if($hResult = query_parameters($sQuery, $iCatId)) { while($oRow = mysql_fetch_object($hResult)) { @@ -104,21 +104,24 @@ class Category { if($sName) { - if (!query_appdb("UPDATE appCategory SET catName = '".$sName."' WHERE catId = ".$this->iCatId)) + if (!query_parameters("UPDATE appCategory SET catName = '?' WHERE catId = '?'", + $sName, $this->iCatId)) return false; $this->sName = $sName; } if($sDescription) { - if (!query_appdb("UPDATE appCategory SET catDescription = '".$sDescription."' WHERE catId = ".$this->iCatId)) + if (!query_parameters("UPDATE appCategory SET catDescription = '?' WHERE catId = '?'", + $sDescription, $this->iCatId)) return false; $this->sDescription = $sDescription; } if($iParentId) { - if (!query_appdb("UPDATE appCategory SET catParent = '".$iParentId."' WHERE catId = ".$this->iCatId)) + if (!query_parameters("UPDATE appCategory SET catParent = '?' WHERE catId = '?'", + $iParentId, $this->iCatId)) return false; $this->iParentId = $iParentId; } @@ -141,9 +144,9 @@ class Category { } else { $sQuery = "DELETE FROM appCategory - WHERE catId = ".$this->iCatId." + WHERE catId = '?' LIMIT 1"; - query_appdb($sQuery); + query_parameters($sQuery, $this->iCatId); addmsg("The category has been deleted.", "green"); } @@ -162,7 +165,8 @@ class Category { $iCatId = $this->iCatId; while($iCatId != 0) { - $result = query_appdb("SELECT catName, catId, catParent FROM appCategory WHERE catId = $iCatId"); + $result = query_parameters("SELECT catName, catId, catParent FROM appCategory WHERE catId = '?'", + $iCatId); if(!$result || mysql_num_rows($result) != 1) break; $cat = mysql_fetch_object($result); diff --git a/include/comment.php b/include/comment.php index 802e32d..2fc511e 100644 --- a/include/comment.php +++ b/include/comment.php 
@@ -30,8 +30,8 @@ class Comment { $sQuery = "SELECT appComments.*, appVersion.appId AS appId FROM appComments, appVersion WHERE appComments.versionId = appVersion.versionId - AND commentId = '".$iCommentId."'"; - $hResult = query_appdb($sQuery); + AND commentId = '?'"; + $hResult = query_parameters($sQuery, $iCommentId); $oRow = mysql_fetch_object($hResult); $this->iCommentId = $oRow->commentId; $this->iParentId = $oRow->parentId; @@ -114,14 +114,16 @@ class Comment { { if ($iParentId) { - if (!query_appdb("UPDATE appComments SET parentId = '".$iParentId."' WHERE commentId = ".$this->iCommentId)) + if (!query_parameters("UPDATE appComments SET parentId = '?' WHERE commentId = '?'", + $iParentId, $this->iCommentId)) return false; $this->iParentId = $iParentId; } if ($iVersionId) { - if (!query_appdb("UPDATE appComments SET versionId = '".$iVersionId."' WHERE commentId = ".$this->iCommentId)) + if (!query_parameters("UPDATE appComments SET versionId = '?' WHERE commentId = '?'", + $iVersionId, $this->iCommentId)) return false; $this->iVersionId = $iVersionId; // FIXME: we need to refetch $this->iAppId. @@ -129,14 +131,16 @@ class Comment { if ($sSubject) { - if (!query_appdb("UPDATE appComments SET subject = '".$sSubject."' WHERE commentId = ".$this->iCommentId)) + if (!query_parameters("UPDATE appComments SET subject = '?' WHERE commentId = '?'", + $sSubject, $this->iCommentId)) return false; $this->sSubject = $sSubject; } if ($sBody) { - if (!query_appdb("UPDATE appComments SET body = '".$sBody."' WHERE commentId = ".$this->iCommentId)) + if (!query_parameters("UPDATE appComments SET body = '?' WHERE commentId = '?'", + $sBody, $this->iCommentId)) return false; $this->sBody = $sBody; } 
@@ -151,11 +155,12 @@ class Comment {
 */
 function delete($sReason=null)
 {
- $hResult = query_appdb("DELETE FROM appComments WHERE commentId = '".$this->iCommentId."'");
+ $hResult = query_parameters("DELETE FROM appComments WHERE commentId = '?'", $this->iCommentId);
 if ($hResult)
 {
 /* fixup the child comments so the parentId points to a valid parent comment */
- $hResult = query_appdb("UPDATE appComments set parentId = '".$this->iParentId."' WHERE parentId = '".$this->iCommentId."'");
+ $hResult = query_parameters("UPDATE appComments set parentId = '?' WHERE parentId = '?'",
+ $this->iParentId, $this->iCommentId);
 $sEmail = get_notify_email_address_list($this->iAppId, $this->iVersionId);
 $sEmail .= $this->oOwner->sEmail;
 if($sEmail)
@@ -264,6 +269,10 @@ function view_app_comment($oRow)
 */
 function grab_comments($versionId, $parentId = -1)
 {
+ /* escape input so we can use query_appdb() without concern */
+ $versionId = mysql_real_escape_string($versionId);
+ $parentId = mysql_real_escape_string($parentId);
+
 $extra = "";
 if($parentId != -1)
 $extra = "AND parentId = $parentId ";
@@ -374,7 +383,7 @@ function view_app_comments($versionId, $threadId = 0)
 $aClean['mode'] = makeSafe($_REQUEST['mode']);
 // count posts
- $hResult = query_appdb("SELECT commentId FROM appComments WHERE versionId = $versionId");
+ $hResult = query_parameters("SELECT commentId FROM appComments WHERE versionId = '?'", $versionId);
 $messageCount = mysql_num_rows($hResult);
 //start comment format table
diff --git a/include/db.php b/include/db.php
index ee68963..835bc2a 100644
--- a/include/db.php
+++ b/include/db.php
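Review bot: In the grab_comments hunk, running `$parentId` through `mysql_real_escape_string()` does not make the context line `$extra = "AND parentId = $parentId ";` safe, because the value is interpolated without surrounding quotes: the escape function only neutralises quote and backslash characters, so any value that contains none of them is spliced into the statement unchanged. Since the function only ever uses these as numeric ids, cast instead, `$versionId = (int)$versionId;` and `$parentId = (int)$parentId;`, or route the query through `query_parameters()` with `'?'` placeholders like every other hunk in this commit. Note also that both escape calls pass no link resource, so they bind to whatever connection was opened most recently rather than to a known appdb link. The body of grab_comments, including the query these values feed, continues outside the hunk.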
@@ -119,13 +119,22 @@ function query_error($sQuery, $sComment="")
 * Returns a string ready to be put in a query like this
 * $sQuery = "UPDATE `foo` $sReturn";
 *
-* Values are addslashes()'d.
+* Values are mysql_real_escape_string()'ed.
 */
 function compile_update_string($aData)
 {
+ global $hAppdbLink;
+
+ if(!is_resource($hAppdbLink))
+ {
+ // The last argument makes sure we are really opening a new connection
+ $hAppdbLink = mysql_connect(APPS_DBHOST, APPS_DBUSER, APPS_DBPASS,true);
+ mysql_select_db(APPS_DB, $hAppdbLink);
+ }
+
 foreach ($aData as $k => $v)
 {
- $return .= "`$k`='".addslashes($v)."',";
+ $return .= "`$k`='".mysql_real_escape_string($v)."',";
 }
 $return = preg_replace( "/,$/" , "" , $return );
diff --git a/include/distributions.php b/include/distributions.php
index 4cd073a..28f429b 100644
--- a/include/distributions.php
+++ b/include/distributions.php
@@ -28,8 +28,8 @@ class distribution{
 {
 $sQuery = "SELECT *
 FROM distributions
- WHERE distributionId = ".$iDistributionId;
- if($hResult = query_appdb($sQuery))
+ WHERE distributionId = '?'";
+ if($hResult = query_parameters($sQuery, $iDistributionId))
 {
 $oRow = mysql_fetch_object($hResult);
 $this->iDistributionId = $iDistributionId;
@@ -50,7 +50,7 @@ class distribution{
 {
 $sQuery = "SELECT testingId
 FROM testResults
- WHERE distributionId = ".$iDistributionId;
+ WHERE distributionId = '?'";
 }
 else /* only let users view test results that aren't queued and for apps that */
 /* aren't queued or versions that aren't queued */
 {
@@ -61,10 +61,10 @@ class distribution{
 appFamily.appId = appVersion.appId AND
 appFamily.queued = 'false' AND
 appVersion.queued = 'false' AND
- distributionId = ".$iDistributionId;
+ distributionId = '?'";
 }
- if($hResult = query_appdb($sQuery))
+ if($hResult = query_parameters($sQuery, $iDistributionId))
 {
 while($oRow = mysql_fetch_object($hResult))
 {
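Review bot: In compile_update_string, `mysql_real_escape_string($v)` is called without a link argument, so it escapes against whichever MySQL connection was opened last — not necessarily the `$hAppdbLink` that the new block just went to the trouble of establishing, and the escaping rules depend on that connection's character set. Pass the link explicitly: `$return .= "`$k`='".mysql_real_escape_string($v, $hAppdbLink)."',";`. Opening a connection (with new_link set to true) as a side effect of a string-building helper is also surprising; if `query_appdb()`/`query_parameters()` already own the link setup, a shared "ensure connected" helper would keep that logic in one place. Pre-existing but worth fixing while here: `$return` is never initialised before the first `.=`, so it starts life as an undefined variable.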
@@ -80,8 +80,8 @@ class distribution{
 //Let's not create a duplicate
 $sQuery = "SELECT *
 FROM distributions
- WHERE name LIKE '".$this->sName."'";
- $hDuplicate = query_appdb($sQuery, "checking distributions");
+ WHERE name LIKE '?'";
+ $hDuplicate = query_parameters($sQuery, $this->sName);
 if(!mysql_num_rows($hDuplicate) == 0)
 {
 addmsg("There was an existing Distribution called ".$this->sName.".", "red");
@@ -125,13 +125,16 @@ class distribution{
 }
 $sUpdate = compile_update_string(array( 'name' => $this->sName, 'url' => $this->sUrl ));
- if(query_appdb("UPDATE distributions SET ".$sUpdate." WHERE distributionId = ".$this->iDistributionId, "Error while updating Distribution."))
+ if(query_parameters("UPDATE distributions SET ".$sUpdate." WHERE distributionId = '?'",
+ $this->iDistributionId))
 {
 $this->SendNotificationMail("edit");
 return true;
- }
- else
+ } else
+ {
+ addmsg("Error while updating Distribution", "red");
 return false;
+ }
 }
 // Delete Distributution.
@@ -145,9 +148,9 @@ class distribution{
 }
 // now delete the Distribution
 $sQuery = "DELETE FROM distributions
- WHERE distributionId = ".$this->iDistributionId."
+ WHERE distributionId = '?'
 LIMIT 1";
- if(!($hResult = query_appdb($sQuery)))
+ if(!($hResult = query_parameters($sQuery, $this->iDistributionId)))
 {
 addmsg("Error removing the Distribution!", "red");
 }
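Review bot: The new `"UPDATE distributions SET ".$sUpdate." WHERE distributionId = '?'"` template mixes pre-escaped data from `compile_update_string()` into the query text that `query_parameters()` then scans for placeholders. If that function locates placeholders by searching the string for `?` (its implementation is not in this diff), a distribution name or URL containing a literal `?` — routine for URLs — would be taken as a placeholder and shift where `$this->iDistributionId` lands. Binding every value avoids the ambiguity and drops the `$sUpdate` intermediate entirely: `query_parameters("UPDATE distributions SET name = '?', url = '?' WHERE distributionId = '?'", $this->sName, $this->sUrl, $this->iDistributionId)`. The same pattern applies wherever `compile_update_string()` output is concatenated into a `query_parameters()` template.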
@@ -165,20 +168,25 @@ class distribution{
 // is the current user allowed to move this Distribution?
 if(!$_SESSION['current']->hasPriv("admin"))
 {
- return;
+ return false;
 }
 // If we are not in the queue, we can't move the Distribution out of the queue.
 if(!$this->sQueued == 'true')
 return false;
- $sUpdate = compile_update_string(array('queued' => "false"));
- if(query_appdb("UPDATE distribution SET ".$sUpdate." WHERE distributionId = ".$this->iDistributionId, "Error while unqueuing Distribution."))
+ if(query_parameters("UPDATE distribution SET queued = '?' WHERE distributionId = '?'",
+ "false", $this->iDistributionId))
 {
 $this->sQueued = 'false';
 // we send an e-mail to intersted people
 $this->mailSubmitter("unQueue");
 $this->SendNotificationMail();
+ return true;
+ } else
+ {
+ addmsg("Error while unqueueing Distribution", "red");
+ return false;
 }
 }
@@ -187,15 +195,15 @@ class distribution{
 // is the current user allowed to reject this Distribution?
 if(!$_SESSION['current']->hasPriv("admin"))
 {
- return;
+ return false;
 }
 // If we are not in the queue, we can't move the Distribution out of the queue.
 if(!$this->sQueued == 'true')
 return false;
- $sUpdate = compile_update_string(array('queued' => "rejected"));
- if(query_appdb("UPDATE distribution SET ".$sUpdate." WHERE distributionId = ".$this->iDistributionId, "Error while rejecting Distribution."))
+ if(query_parameters("UPDATE distribution SET queued = '?' WHERE distributionId = '?'",
+ "rejected", $this->iDistributionId))
 {
 $this->sQueued = 'rejected';
 // we send an e-mail to intersted people
@@ -205,6 +213,11 @@ class distribution{
 $this->SendNotificationMail("reject");
 }
 // the Distribution data has been rejected
+ return true;
+ } else
+ {
+ addmsg("Error while rejecting Distribution", "red");
+ return false;
 }
 }
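Review bot: The rewritten statements in the unqueue and reject hunks here, and in the requeue hunk that follows, target a table named `distribution`, whereas every other query in this file's hunks (the SELECTs, the UPDATE in the edit path and the DELETE) uses `distributions`. If `distribution` is a typo inherited from the old code, these updates fail on every call and the newly added `addmsg("Error while unqueueing Distribution", "red")` / `"Error while rejecting Distribution"` branches are the only visible outcome — worth checking against the schema before relying on the new return values. The surrounding guard `if(!$this->sQueued == 'true')` is unchanged by the commit but looks wrong: `!` binds before `==`, so a non-empty `sQueued` is negated to `false` and compared with `'true'`, which is never what the comment describes; `if($this->sQueued != 'true')` is the likely intent. Both enclosing methods start outside their hunks.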
@@ -214,20 +227,29 @@ class distribution{
 if(!$_SESSION['current']->hasPriv("admin") &&
 !($_SESSION['current']->iUserId == $this->iSubmitterId))
 {
- return;
+ return false;
 }
- $sUpdate = compile_update_string(array('queued' => "true"));
- if(query_appdb("UPDATE testResults SET ".$sUpdate." WHERE testingId = ".$this->iTestingId))
- if(query_appdb("UPDATE distribution SET ".$sUpdate." WHERE distributionId = ".$this->iDistributionId, "Error while requeueing Distribution."))
+ if(query_parameters("UPDATE testResults SET queued = '?' WHERE testingId = '?'",
+ "true", $this->iTestingId))
 {
- $this->sQueued = 'true';
- // we send an e-mail to intersted people
- $this->SendNotificationMail();
+ if(query_parameters("UPDATE distribution SET queued = '?' WHERE distributionId = '?'",
+ "true", $this->iDistributionId))
+ {
+ $this->sQueued = 'true';
+ // we send an e-mail to intersted people
+ $this->SendNotificationMail();
- // the testing data has been resubmitted
- addmsg("The Distribution has been resubmitted", "green");
+ // the testing data has been resubmitted
+ addmsg("The Distribution has been resubmitted", "green");
+ return true;
+ }
 }
+
+ /* something has failed if we fell through to this point without */
+ /* returning */
+ addmsg("Error requeueing Distribution", "red");
+ return false;
 }
 function mailSubmitter($sAction="add")
@@ -378,8 +400,7 @@ class distribution{
 function make_distribution_list($varname, $cvalue)
 {
 $sQuery = "SELECT name, distributionId FROM distributions ORDER BY name";
-
- $hResult = query_appdb($sQuery);
+ $hResult = query_parameters($sQuery);
 if(!$hResult) return;
 echo "
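Review bot: The new outer call `query_parameters("UPDATE testResults SET queued = '?' WHERE testingId = '?'", "true", $this->iTestingId)` sits in the distribution class's requeue method, but no `iTestingId` property appears anywhere in this file's hunks and `testResults` is a different entity; this reads like a leftover from a testResults copy of the method. The restructured control flow makes it matter more than before: if that first UPDATE fails (or `$this->iTestingId` is unset), the `distribution` UPDATE is never attempted and the caller gets `Error requeueing Distribution` for a row that was never touched. Either drop the testResults statement or confirm that a distribution really carries a testing id; the method's signature is outside the hunk.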
URL".$appLinkURL."
Links\n";
@@ -826,7 +827,8 @@ class Version {
 view_version_bugs($this->iVersionId, $this->aBuglinkIds);
- $rNotes = query_appdb("SELECT * FROM appNotes WHERE versionId = ".$this->iVersionId);
+ $rNotes = query_parameters("SELECT * FROM appNotes WHERE versionId = '?'",
+ $this->iVersionId);
 while( $oNote = mysql_fetch_object($rNotes) )
 {
diff --git a/include/vote.php b/include/vote.php
index 429466f..03b8460 100644
--- a/include/vote.php
+++ b/include/vote.php
@@ -17,7 +17,8 @@ function vote_count($appId, $userId = null)
 else
 return 0;
 }
- $hResult = query_appdb("SELECT * FROM appVotes WHERE appId = $appId AND userId = $userId");
+ $hResult = query_parameters("SELECT * FROM appVotes WHERE appId = '?' AND userId = '?'",
+ $appId, $userId);
 return mysql_num_rows($hResult);
 }
@@ -34,7 +35,7 @@ function vote_count_user_total($userId = null)
 else
 return 0;
 }
- $hResult = query_appdb("SELECT * FROM appVotes WHERE userId = $userId");
+ $hResult = query_parameters("SELECT * FROM appVotes WHERE userId = '?'", $userId);
 return mysql_num_rows($hResult);
 }
@@ -44,7 +45,7 @@ function vote_count_user_total($userId = null)
 */
 function vote_count_app_total($appId)
 {
- $hResult = query_appdb("SELECT * FROM appVotes WHERE appId = $appId");
+ $hResult = query_parameters("SELECT * FROM appVotes WHERE appId = '?'", $appId);
 return mysql_num_rows($hResult);
 }
@@ -86,8 +87,8 @@ function vote_remove($slot, $userId = null)
 return;
 }
- $sQuery="DELETE FROM appVotes WHERE userId = $userId AND slot = $slot";
- query_appdb($sQuery);
+ $sQuery = "DELETE FROM appVotes WHERE userId = '?' AND slot = '?'";
+ query_parameters($sQuery, $userId, $slot);
 }
@@ -100,7 +101,7 @@ function vote_get_user_votes($userId = null)
 if(!$userId)
 return array();
 }
- $hResult = query_appdb("SELECT * FROM appVotes WHERE userId = $userId");
+ $hResult = query_parameters("SELECT * FROM appVotes WHERE userId = '?'", $userId);
 if(!$hResult)
 return array();
@@ -196,8 +197,8 @@ function is_vote_in_slot($slot, $userId = null)
 return;
 }
- $sQuery="SELECT COUNT(*) as count from appVotes WHERE userId = '".$userId."' AND slot = '".$slot."';";
- if($hResult = query_appdb($sQuery))
+ $sQuery = "SELECT COUNT(*) as count from appVotes WHERE userId = '?' AND slot = '?'";
+ if($hResult = query_parameters($sQuery, $userId, $slot))
 {
 $oRow = mysql_fetch_object($hResult);
 if($oRow->count != 0)
diff --git a/index.php b/index.php
index 4a8b9ba..c998421 100644
--- a/index.php
+++ b/index.php
@@ -63,7 +63,7 @@ If you have screenshots or links to contribute, please browse the database and u
 "FROM appVotes, appFamily ".
 "WHERE appVotes.appId = appFamily.appId ".
 "GROUP BY appId ORDER BY count DESC LIMIT 1";
- $hResult = query_appdb($voteQuery);
+ $hResult = query_parameters($voteQuery);
 $oRow = mysql_fetch_object($hResult);
 $voteAppId = $oRow->appId;
diff --git a/preferences.php b/preferences.php
index 3ac05de..94e8e76 100644
--- a/preferences.php
+++ b/preferences.php
@@ -54,7 +54,7 @@ if($_SESSION['current']->hasPriv("admin") &&
 function build_prefs_list()
 {
 global $oUser;
- $hResult = query_appdb("SELECT * FROM prefs_list ORDER BY id");
+ $hResult = query_parameters("SELECT * FROM prefs_list ORDER BY id");
 while($hResult && $r = mysql_fetch_object($hResult))
 {
 //skip admin options
diff --git a/vendorview.php b/vendorview.php
index df05e3b..bc4232e 100644
--- a/vendorview.php
+++ b/vendorview.php
@@ -73,8 +73,7 @@ else
 apidb_header("View Vendors");
 //get available vendors
- $sQuery = "SELECT vendorId FROM vendor ORDER BY vendorName, vendorId;";
- $hResult = query_appdb($sQuery);
+ $hResult = query_parameters("SELECT vendorId FROM vendor ORDER BY vendorName, vendorId;");
 // show vendorlist
 echo "\n\n";
diff --git a/viewScreenshots.php b/viewScreenshots.php
index fc961cf..0cdd4c2 100644
--- a/viewScreenshots.php
+++ b/viewScreenshots.php
@@ -64,9 +64,10 @@ echo "";
 echo "";
 /* query for all of the Screenshots in assending order */
-$Ids = query_appdb("SELECT * from appData
- WHERE type = 'image'
- ORDER BY id ASC LIMIT $offset, $ItemsPerPage;");
+$Ids = query_parameters("SELECT * from appData
+ WHERE type = 'image'
+ ORDER BY id ASC LIMIT ?, ?",
+ $offset, $ItemsPerPage);
 $c = 1;
 echo "
\n";
 while ($oRow = mysql_fetch_object($Ids))
diff --git a/viewbugs.php b/viewbugs.php
index eccde97..d1e7843 100644
--- a/viewbugs.php
+++ b/viewbugs.php
@@ -29,17 +29,17 @@ if( !is_numeric($aClean['bug_id']))
 echo '',"\n";
- $sQuery = "SELECT appFamily.description as appDescription,
- appFamily.appName as appName,
- appVersion.*, buglinks.versionId as versionId
- FROM appFamily, appVersion, buglinks
- WHERE appFamily.appId = appVersion.appId
- and buglinks.versionId = appVersion.versionId
- AND buglinks.bug_id = ".$aClean['bug_id']."
- ORDER BY versionName";
+ $hResult = query_parameters("SELECT appFamily.description as appDescription,
+ appFamily.appName as appName,
+ appVersion.*, buglinks.versionId as versionId
+ FROM appFamily, appVersion, buglinks
+ WHERE appFamily.appId = appVersion.appId
+ and buglinks.versionId = appVersion.versionId
+ AND buglinks.bug_id = '?'
+ ORDER BY versionName", $aClean['bug_id']);
 $c = 0;
- if($hResult = query_appdb($sQuery))
+ if($hResult)
 {
 while($oRow = mysql_fetch_object($hResult))
 {
diff --git a/votestats.php b/votestats.php
index 7430c52..4d21e70 100644
--- a/votestats.php
+++ b/votestats.php
@@ -66,8 +66,8 @@ if($catId != 0)
 do
 {
 $catQuery = "SELECT appCategory.catName, appCategory.catParent ".
- "FROM appCategory WHERE appCategory.catId = '$currentCatId';";
- $hResult = query_appdb($catQuery);
+ "FROM appCategory WHERE appCategory.catId = '?'";
+ $hResult = query_parameters($catQuery, $currentCatId);
 if($hResult)
 {
@@ -142,10 +142,10 @@ echo '
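Review bot: In the viewScreenshots.php hunk, `LIMIT ?, ?` binds `$offset` and `$ItemsPerPage` through unquoted placeholders, so the protection rests entirely on `query_parameters()` turning them into integers — if it only escapes quote characters, as its use with `'?'` elsewhere in this commit suggests, a non-numeric value is still spliced into the statement unchanged. Where those two variables come from is not visible in the hunk; the cheap fix is to coerce at the call site, `$offset, $ItemsPerPage);` → `(int)$offset, (int)$ItemsPerPage);`, or to guard with `is_numeric()` the way viewbugs.php does for `bug_id` in its hunk header. The same concern applies to `LIMIT ?` with `$topNumber` in both votestats.php hunks that follow.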
';
 if(strcasecmp($categoryId, "any") == 0)
 {
 /* leave out the appFamily.catId = '$categoryId' */
- $sVoteQuery = "SELECT appVotes.appId, appName, count(userId) as count ".
- "FROM appVotes, appFamily ".
- "WHERE appVotes.appId = appFamily.appId ".
- "GROUP BY appId ORDER BY count DESC LIMIT $topNumber";
+ $hResult = query_parameters("SELECT appVotes.appId, appName, count(userId) as count ".
+ "FROM appVotes, appFamily ".
+ "WHERE appVotes.appId = appFamily.appId ".
+ "GROUP BY appId ORDER BY count DESC LIMIT ?", $topNumber);
 } else {
 /* Display all application for a given category (including sub categories)
@@ -156,19 +156,19 @@ if(strcasecmp($categoryId, "any") == 0)
 c.catId =29 OR c.catParent =29)*/
- $sVoteQuery = "SELECT v.appId, f.appName, count( v.appId ) AS count
+ $hResult = query_parameters("SELECT v.appId, f.appName, count( v.appId ) AS count
 FROM appFamily AS f, appCategory AS c, appVotes AS v
 WHERE v.appId = f.appId AND f.catId = c.catId AND (
- c.catId = '$categoryId'
- OR c.catParent = '$categoryId'
+ c.catId = '?'
+ OR c.catParent = '?'
 )
 GROUP BY appId
- ORDER BY count DESC LIMIT $topNumber";
+ ORDER BY count DESC LIMIT ?", $categoryId, $categoryId, $topNumber);
 }
-if($hResult = query_appdb($sVoteQuery))
+if($hResult)
 {
 echo html_frame_start("", "90%", '', 0);
 echo html_table_begin("width='100%' align=center");