From 9f3c651ccd3f0f43a9d8d61cff4b71e3e29069d7 Mon Sep 17 00:00:00 2001 From: Brett Profitt Date: Sun, 4 Sep 2011 17:43:56 -0700 Subject: Refs #3661. Merged XSS fixes in search to master. --- engine/lib/entities.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'engine/lib/entities.php') diff --git a/engine/lib/entities.php b/engine/lib/entities.php index 10313fc8c..68aa7c8fb 100644 --- a/engine/lib/entities.php +++ b/engine/lib/entities.php @@ -1118,8 +1118,12 @@ function elgg_get_guid_based_where_sql($column, $guids) { $guids_sanitized = array(); foreach ($guids as $guid) { - if (($guid != sanitise_int($guid))) { - return FALSE; + if ($guid !== ELGG_ENTITIES_NO_VALUE) { + $guid = sanitise_int($guid); + + if (!$guid) { + return false; + } } $guids_sanitized[] = $guid; } -- cgit v1.2.3 From 0cf99813eb034aa1219a15ba86a105d63a584cc0 Mon Sep 17 00:00:00 2001 From: Brett Profitt Date: Sun, 4 Sep 2011 17:55:26 -0700 Subject: Fixes #3661. Pulled in recursive delete fixes to master. --- engine/lib/entities.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'engine/lib/entities.php') diff --git a/engine/lib/entities.php b/engine/lib/entities.php index 68aa7c8fb..cea8af1da 100644 --- a/engine/lib/entities.php +++ b/engine/lib/entities.php @@ -1498,6 +1498,7 @@ function delete_entity($guid, $recursive = true) { $entity_disable_override = access_get_show_hidden_status(); access_show_hidden_entities(true); + $ia = elgg_set_ignore_access(true); $sub_entities = get_data("SELECT * from {$CONFIG->dbprefix}entities WHERE container_guid=$guid or owner_guid=$guid @@ -1510,6 +1511,7 @@ function delete_entity($guid, $recursive = true) { access_show_hidden_entities($entity_disable_override); $__RECURSIVE_DELETE_TOKEN = null; + elgg_set_ignore_access($ia); } // Now delete the entity itself -- cgit v1.2.3 From 90f5e694f6e7005f35297f9493f5caeedcf25a8c Mon Sep 17 00:00:00 2001 From: Brett Profitt Date: Wed, 28 Sep 2011 22:05:31 -0700 Subject: Fixes #3713. elgg_get_entities() and friends return false if passed invalid options. --- engine/lib/entities.php | 6 +++--- engine/lib/metastrings.php | 6 +++--- engine/lib/river.php | 12 ++++++------ engine/lib/tags.php | 5 ++--- engine/tests/api/entity_getter_functions.php | 9 +++++++++ 5 files changed, 23 insertions(+), 15 deletions(-) (limited to 'engine/lib/entities.php') diff --git a/engine/lib/entities.php b/engine/lib/entities.php index cea8af1da..abf7395e7 100644 --- a/engine/lib/entities.php +++ b/engine/lib/entities.php @@ -846,9 +846,6 @@ function elgg_get_entities(array $options = array()) { $wheres[] = elgg_get_entity_time_where_sql('e', $options['created_time_upper'], $options['created_time_lower'], $options['modified_time_upper'], $options['modified_time_lower']); - // remove identical where clauses - $wheres = array_unique($wheres); - // see if any functions failed // remove empty strings on successful functions foreach ($wheres as $i => $where) { @@ -859,6 +856,9 @@ function elgg_get_entities(array $options = array()) { } } + // remove identical where clauses + $wheres = array_unique($wheres); + // evaluate join clauses if (!is_array($options['joins'])) { $options['joins'] = array($options['joins']); diff --git a/engine/lib/metastrings.php b/engine/lib/metastrings.php index d444121d0..8c00fb2ad 100644 --- a/engine/lib/metastrings.php +++ b/engine/lib/metastrings.php @@ -360,9 +360,6 @@ function elgg_get_metastring_based_objects($options) { $wheres[] = elgg_get_guid_based_where_sql('n_table.owner_guid', $options['metastring_owner_guids']); - // remove identical where clauses - $wheres = array_unique($wheres); - // see if any functions failed // remove empty strings on successful functions foreach ($wheres as $i => $where) { @@ -373,6 +370,9 @@ function elgg_get_metastring_based_objects($options) { } } + // remove identical where clauses + $wheres = array_unique($wheres); + // evaluate join clauses if (!is_array($options['joins'])) { $options['joins'] = array($options['joins']); diff --git a/engine/lib/river.php b/engine/lib/river.php index a11e6145c..e283c0595 100644 --- a/engine/lib/river.php +++ b/engine/lib/river.php @@ -170,9 +170,6 @@ function elgg_delete_river(array $options = array()) { $wheres[] = "rv.posted <= {$options['posted_time_upper']}"; } - // remove identical where clauses - $wheres = array_unique($wheres); - // see if any functions failed // remove empty strings on successful functions foreach ($wheres as $i => $where) { @@ -183,6 +180,9 @@ function elgg_delete_river(array $options = array()) { } } + // remove identical where clauses + $wheres = array_unique($wheres); + $query = "DELETE rv.* FROM {$CONFIG->dbprefix}river rv "; // remove identical join clauses @@ -304,9 +304,6 @@ function elgg_get_river(array $options = array()) { } } - // remove identical where clauses - $wheres = array_unique($wheres); - // see if any functions failed // remove empty strings on successful functions foreach ($wheres as $i => $where) { @@ -317,6 +314,9 @@ function elgg_get_river(array $options = array()) { } } + // remove identical where clauses + $wheres = array_unique($wheres); + if (!$options['count']) { $query = "SELECT DISTINCT rv.* FROM {$CONFIG->dbprefix}river rv "; } else { diff --git a/engine/lib/tags.php b/engine/lib/tags.php index 1116d63f3..64feed5b2 100644 --- a/engine/lib/tags.php +++ b/engine/lib/tags.php @@ -184,9 +184,6 @@ function elgg_get_tags(array $options = array()) { $wheres[] = elgg_get_entity_time_where_sql('e', $options['created_time_upper'], $options['created_time_lower'], $options['modified_time_upper'], $options['modified_time_lower']); - // remove identical where clauses - $wheres = array_unique($wheres); - // see if any functions failed // remove empty strings on successful functions foreach ($wheres as $i => $where) { @@ -197,6 +194,8 @@ function elgg_get_tags(array $options = array()) { } } + // remove identical where clauses + $wheres = array_unique($wheres); $joins = $options['joins']; diff --git a/engine/tests/api/entity_getter_functions.php b/engine/tests/api/entity_getter_functions.php index aef7a991e..59b48999c 100644 --- a/engine/tests/api/entity_getter_functions.php +++ b/engine/tests/api/entity_getter_functions.php @@ -2789,4 +2789,13 @@ class ElggCoreEntityGetterFunctionsTest extends ElggCoreUnitTest { $this->assertEqual($a_e_map[$a->id], $a->owner_guid); } } + + public function testElggGetEntitiesBadWheres() { + $options = array( + 'container_guid' => 'abc' + ); + + $entities = elgg_get_entities($options); + $this->assertFalse($entities); + } } -- cgit v1.2.3