Fix CVE-2023-36995

This commit is contained in:
nixpc
2023-07-06 23:02:00 +02:00
parent 78b2bddde4
commit e39ca488a9
5 changed files with 9 additions and 6 deletions
+1
View File
@@ -82,6 +82,7 @@ class adm_DB {
$bcrypted = false;
}
$username = htmlspecialchars($username);
if($pwOk) {
// update password to bcrypt, if correct
if (!$dbarray['is_bcrypt'] && !$bcrypted) {
+2
View File
@@ -3109,6 +3109,8 @@ class MYSQLi_DB implements IDbConnection {
*****************************************/
function createAlliance($tag, $name, $uid, $max) {
list($tag, $name, $uid, $max) = $this->escape_input($tag, $name, (int) $uid, (int) $max);
$tag = $this->RemoveXSS($tag);
$name = $this->RemoveXSS($name);
$q = "INSERT into " . TB_PREFIX . "alidata values (0,'$name','$tag',$uid,0,0,0,'','',$max,0,0,0,0,0,0,0,0,0)";
mysqli_query($this->dblink,$q);
+3 -3
View File
@@ -163,7 +163,7 @@
private function getStart($search) {
$multiplier = 1;
if(!is_numeric($search)) {
$_SESSION['search'] = $search;
$_SESSION['search'] = htmlspecialchars($search);
} else {
if($search > count($this->rankarray)) {
$search = count($this->rankarray) - 1;
@@ -172,8 +172,8 @@
$multiplier += 1;
}
$start = 20 * $multiplier - 19 - 1;
$_SESSION['search'] = $search;
$_SESSION['start'] = $start;
$_SESSION['search'] = htmlspecialchars($search);
$_SESSION['start'] = htmlspecialchars($start);
}
}