
Changeset 490070 for my-calendar


Timestamp:
01/15/2012 01:22:22 AM (13 years ago)
Author:
joedolson
Message:

Security upgrade to fix XSS vulnerability.

Location:
my-calendar/trunk
Files:
6 edited

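--- a/my-calendar/trunk/my-calendar-event-manager.php
+++ b/my-calendar/trunk/my-calendar-event-manager.php
@@ -375,7 +375,7 @@
                 mc_split_event( $event_id, $instance );
             }
-            $sql = "DELETE FROM " . my_calendar_table() . " WHERE event_id='" . mysql_real_escape_string($event_id) . "'";
+            $sql = "DELETE FROM " . my_calendar_table() . " WHERE event_id='" . (int) $event_id . "'";
             $wpdb->query($sql);
-            $sql = "SELECT event_id FROM " . my_calendar_table() . " WHERE event_id='" . mysql_real_escape_string($event_id) . "'";
+            $sql = "SELECT event_id FROM " . my_calendar_table() . " WHERE event_id='" . (int) $event_id . "'";
             $result = $wpdb->get_results($sql);
             if ( empty($result) || empty($result[0]->event_id) ) {
@@ -399,5 +399,5 @@
             return "<div class=\"error\"><p>".__('Sorry! That\'s an invalid event key.','my-calendar')."</p></div>";
         } else {
-            $data = $wpdb->get_results("SELECT * FROM " . my_calendar_table() . " WHERE event_id='" . mysql_real_escape_string($event_id) . "' LIMIT 1");
+            $data = $wpdb->get_results("SELECT * FROM " . my_calendar_table() . " WHERE event_id='" . (int) $event_id . "' LIMIT 1");
             if ( empty($data) ) {
                 return "<div class=\"error\"><p>".__("Sorry! We couldn't find an event with that ID.",'my-calendar')."</p></div>";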
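Review bot: The `(int)` cast does make `event_id` safe in the DELETE and SELECT strings, but the queries are still assembled by concatenation, so the safety depends on that cast surviving every future edit of the line; `$wpdb->prepare()` with a `%d` placeholder is the WordPress idiom and states the intent in the query itself, e.g. `$sql = $wpdb->prepare( "DELETE FROM " . my_calendar_table() . " WHERE event_id=%d", $event_id );`. The same concatenated-cast pattern is introduced in the my-calendar-group-manager.php and my-calendar-settings.php hunks of this changeset and the same replacement applies there. The `mysql_real_escape_string()` calls being dropped escaped against the legacy mysql extension's implicit link rather than `$wpdb`'s connection, so moving away from them is the right direction regardless. The enclosing functions begin and end outside both hunks.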
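--- a/my-calendar/trunk/my-calendar-group-manager.php
+++ b/my-calendar/trunk/my-calendar-group-manager.php
@@ -168,5 +168,5 @@
             return "<div class=\"error\"><p>".__('Sorry! That\'s an invalid event key.','my-calendar')."</p></div>";
         } else {
-            $data = $wpdb->get_results("SELECT * FROM " . my_calendar_table() . " WHERE event_id='" . mysql_real_escape_string($event_id) . "' LIMIT 1");
+            $data = $wpdb->get_results("SELECT * FROM " . my_calendar_table() . " WHERE event_id='" . (int) $event_id . "' LIMIT 1");
             if ( empty($data) ) {
                 return "<div class=\"error\"><p>".__("Sorry! We couldn't find an event with that ID.",'my-calendar')."</p></div>";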
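--- a/my-calendar/trunk/my-calendar-output.php
+++ b/my-calendar/trunk/my-calendar-output.php
@@ -345,4 +345,6 @@
     parse_str($_SERVER['QUERY_STRING'],$qsa);
     foreach ($qsa as $name => $argument) {
+        $name = esc_url(strip_tags($argument));
+        $argument = esc_url(strip_tags($argument));
         if ($name != 'month' && $name != 'yr' && $name != 'dy' ) {
             $date_switcher .= '<input type="hidden" name="'.$name.'" value="'.$argument.'" />';
@@ -441,5 +443,5 @@
     $my_calendar_body .= apply_filters('mc_before_calendar','',$args);
     $main_class = ( $name !='' )?sanitize_title($name):'all';
-    $cid = ( isset($_GET['cid'] ) )?$_GET['cid']:'all';
+    $cid = ( isset($_GET['cid'] ) )?wp_kses($_GET['cid']):'all';
     $format = ( mc_is_mobile() )?'list':$format;
     $date_format = ( get_option('mc_date_format') != '' )?get_option('mc_date_format'):get_option('date_format');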
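Review bot: The added line `$name = esc_url(strip_tags($argument));` overwrites the loop key with the escaped value, so the hidden input on the following line is emitted with its `name` equal to its `value`, and the `month`/`yr`/`dy` exclusion now tests the argument instead of the parameter name; it should read `$name = esc_attr(strip_tags($name));`. `esc_url()` is also the wrong escaper for a plain HTML attribute — `name="..."` and `value="..."` need `esc_attr()`, so the second added line should be `$argument = esc_attr(strip_tags($argument));`. `parse_str()` yields arrays for `key[]=` parameters, which `strip_tags()` does not accept, so an `is_array()` skip before the escaping may be needed (presumably rare for this query string; confirm against how it is built). In the second hunk, `wp_kses()` has a required `$allowed_html` parameter; called with one argument it raises a missing-argument warning and only strips by accident, so `sanitize_title()`, already used for `$main_class` one line above, is the clearer choice for `cid`. The `foreach` body continues past the end of the first hunk.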
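--- a/my-calendar/trunk/my-calendar-settings.php
+++ b/my-calendar/trunk/my-calendar-settings.php
@@ -38,5 +38,5 @@
             $name = mysql_real_escape_string($key['category_name']);
             $color = mysql_real_escape_string($key['category_colour']);
-            $id = mysql_real_escape_string($key['category_id']);
+            $id = (int) $key['category_id'];
             $catsql = "INSERT INTO " . my_calendar_categories_table() . " SET
                 category_id='".$id."',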
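Review bot: Casting `category_id` to int is correct, but the adjacent `$name` and `$color` values that go into the same INSERT still pass through `mysql_real_escape_string()`, which escapes against the legacy mysql extension's implicit last-opened link rather than `$wpdb`'s connection and charset. Building the statement once with `$wpdb->prepare( "INSERT INTO " . my_calendar_categories_table() . " SET category_id=%d, category_name=%s, category_colour=%s", $key['category_id'], $key['category_name'], $key['category_colour'] )` would cover all three columns with a single mechanism and remove the hand-quoted `'".$id."'` form. The INSERT continues past the end of the hunk, so any further columns it sets are not visible here and would need the same treatment.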
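--- a/my-calendar/trunk/my-calendar.php
+++ b/my-calendar/trunk/my-calendar.php
@@ -6,5 +6,5 @@
 Author: Joseph C Dolson
 Author URI: http://www.joedolson.com
-Version: 1.10.1
+Version: 1.10.2
 */
 /*  Copyright 2009-2012  Joe Dolson (email : joe@joedolson.com)
@@ -25,5 +25,5 @@
 */
 global $mc_version, $wpdb;
-$mc_version = '1.10.1';
+$mc_version = '1.10.2';
 
 // Define the tables used in My Calendar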
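--- a/my-calendar/trunk/readme.txt
+++ b/my-calendar/trunk/readme.txt
@@ -80,4 +80,8 @@
 
 == Changelog ==
+
+= 1.10.2 =
+
+* Critical security update. Please upgrade promptly. Big thank you to Dean Batha for the bug report.
 
 = 1.10.1 =
@@ -706,4 +710,5 @@
 == Upgrade Notice ==
 
+- Version 1.10.2 is a CRITICAL SECURITY UPGRADE. Please upgrade promptly.
 - Version 1.10.0 adds a printable view, multi-day events, and a few additional new options.
 - Version 1.9.0 incorporated many new event editing and management options and a refresh of My Calendar's styles and scripts. Some changes will require updated styles or scripts to work properly. Updated JavaScript and styles <em>will not be installed by default</em>, in order to avoid overwriting any custom changes, but you can update styles and scripts on their editing pages.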