|
In-Portal Issue Tracker - In-Portal CMS
|
|
Viewing Issue Advanced Details |
|
|
ID:
|
Category:
|
Type:
|
Reproducibility:
|
Date Submitted:
|
Last Update:
|
|
1180 |
[In-Portal CMS] Database |
feature request |
N/A |
2011-12-20 04:04 |
2012-07-25 05:32 |
|
|
Reporter:
|
alex |
Platform:
|
|
|
|
Assigned To:
|
alex |
OS:
|
|
|
|
Priority:
|
normal |
OS Version:
|
|
|
|
Status:
|
closed |
Product Version:
|
5.1.3 |
|
|
Product Build:
|
|
Resolution:
|
fixed |
|
| |
|
ETA:
|
none |
Fixed in Version:
|
5.2.0-B1 |
|
|
Reference:
|
https://groups.google.com/d/topic/in-portal-dev/e7YXu-kvqj0/discussion |
|
Change Log Message:
|
Adds qstrArray function to escape whole array |
|
Estimate Points:
|
1 |
|
|
Summary:
|
0001180: Improvement of "qstr" function |
|
Description:
|
In-Portal uses "kDBConnection::qstr" function to escape user request variables before placing their values into database. This prevents sql injections.
However there are cases, when there is a need to escape whole array of values.
I've created kDBConnection:qstrArray function that easily allows to do that. |
|
Steps To Reproduce:
|
|
|
Additional Information:
|
|
| Relationships | |
|
Attached Files:
|
 qstr_improvement_core.patch (6,153) 2011-12-20 04:04
http://tracker.in-portal.org/file_download.php?file_id=1387&type=bug
qstr_improvement_modules.patch (1,173) 2011-12-20 04:04
http://tracker.in-portal.org/file_download.php?file_id=1388&type=bug |
|
|
Issue History |
|
Date Modified |
Username |
Field |
Change |
|
2012-07-25 05:32 |
alex |
Note Added: 0005022 |
|
|
2012-07-25 05:32 |
alex |
Status |
resolved => closed |
|
2011-12-20 04:44 |
alex |
Note Added: 0004283 |
|
|
2011-12-20 04:44 |
alex |
Status |
reviewed and tested => resolved |
|
2011-12-20 04:44 |
alex |
Fixed in Version |
=> 5.2.0-B1 |
|
2011-12-20 04:44 |
alex |
Resolution |
open => fixed |
|
2011-12-20 04:44 |
alex |
Assigned To |
!COMMUNITY => alex |
|
2011-12-20 04:44 |
alex |
Changeset attached |
5.2.x r14888 |
|
2011-12-20 04:44 |
alex |
Changeset attached |
5.2.x r14887 |
|
2011-12-20 04:43 |
alex |
Note Added: 0004282 |
|
|
2011-12-20 04:43 |
alex |
Status |
needs testing => reviewed and tested |
|
2011-12-20 04:43 |
alex |
Assigned To |
=> !COMMUNITY |
|
2011-12-20 04:43 |
alex |
Developer |
=> alex |
|
2011-12-20 04:43 |
alex |
Status |
active => needs testing |
|
2011-12-20 04:43 |
alex |
Reference |
=> https://groups.google.com/d/topic/in-portal-dev/e7YXu-kvqj0/discussion |
|
2011-12-20 04:04 |
alex |
File Added: qstr_improvement_modules.patch |
|
|
2011-12-20 04:04 |
alex |
New Issue |
|
|
2011-12-20 04:04 |
alex |
File Added: qstr_improvement_core.patch |
|
|
2011-12-20 04:04 |
alex |
Change Log Message |
=> Adds qstrArray function to escape whole array |
|
2011-12-20 04:04 |
alex |
Estimate Points |
=> 1 |