Wow! Thanks to everybody! Now, since there are so many revisions, can someone post the complete, secure code?
Erin
On Wed, 2006-05-03 at 13:59 -0700, Brion Vibber wrote:
Christophe PROME wrote:
    $titre_page = $title->getText();
    $titre_page = str_replace(" ", "_", $titre_page);
[snip]
    // --- 1st query: page id --- //
    $res1 = $dbw->query("SELECT page_id FROM $table_1 WHERE page_title='$titre_page';");
This is an SQL injection vulnerability; unescaped user-provided text in the query.
Note that you could save yourself some trouble here by just calling $title->getArticleId(). :)
    // ---- 2nd query: user name ---/
    $res2 = $dbw->query("SELECT rev_user_text FROM $table_2 WHERE rev_page='$id_page' LIMIT 1;");
You should use "ORDER BY rev_timestamp LIMIT 1" to ensure that the proper index sort is used.
-- brion vibber (brion @ pobox.com)
MediaWiki-l mailing list MediaWiki-l@Wikimedia.org http://mail.wikipedia.org/mailman/listinfo/mediawiki-l
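The two lookups from the quoted snippet rewritten the way Brion's reply suggests, as an added example that is not code from this thread or from MediaWiki itself. It assumes $dbw is the MediaWiki Database wrapper and $title a Title object, as in Christophe's code, and uses the wrapper's own selectField()/addQuotes()/tableName() methods of that era; which revision is wanted is assumed to be the earliest one by rev_timestamp.

```php
<?php
// Added example: page id and revision author without pasting user text into SQL.
// Assumes $dbw is a MediaWiki Database object and $title a Title object.

// The pattern quoted in the thread, kept only for comparison: the title is
// interpolated into the statement, so a quote character in it changes the query.
function getPageIdUnsafe( $dbw, $title ) {
	$titre_page = str_replace( ' ', '_', $title->getText() );
	$page = $dbw->tableName( 'page' );
	return $dbw->selectField( $page, 'page_id',
		"page_title='$titre_page'", __METHOD__ );    // do not do this
}

// 1. Page id: Brion's shortcut. Returns 0 when the page does not exist.
function getPageIdSafe( $title ) {
	return $title->getArticleId();
}

// Same lookup as an explicit query, for the cases where you do run your own:
// the array form makes the wrapper escape and quote every value, and the
// namespace is included because page_title alone is not unique.
function getPageIdByQuery( $dbw, $title ) {
	return $dbw->selectField(
		'page', 'page_id',
		array( 'page_namespace' => $title->getNamespace(),
		       'page_title'     => $title->getDBkey() ),   // DB key is already "_" form
		__METHOD__ );
}

// If a raw string really is unavoidable, quote it through the wrapper:
//   $cond = 'page_title=' . $dbw->addQuotes( $title->getDBkey() );

// 2. Author of the earliest revision, with the ORDER BY Brion asked for so the
//    (rev_page, rev_timestamp) index is used. selectField() adds LIMIT 1 itself.
function getFirstRevisionUser( $dbw, $pageId ) {
	$pageId = intval( $pageId );
	if ( $pageId <= 0 ) {
		return false;   // no such page, nothing to look up
	}
	return $dbw->selectField(
		'revision', 'rev_user_text',
		array( 'rev_page' => $pageId ),
		__METHOD__,
		array( 'ORDER BY' => 'rev_timestamp' ) );
}
```

Pass the result of getPageIdSafe() (or getPageIdByQuery()) to getFirstRevisionUser(); both return false when the page is missing, so check for that before using the name.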