]> git.wh0rd.org Git - tt-rss.git/commitdiff
security fixes in filter editor
authorAndrew Dolgov <fox@madoka.spb.ru>
Mon, 22 May 2006 05:13:44 +0000 (06:13 +0100)
committerAndrew Dolgov <fox@madoka.spb.ru>
Mon, 22 May 2006 05:13:44 +0000 (06:13 +0100)
backend.php

index dd94a93b9feecaa4e8231334e6dd6a78a5cdc55b..2ffbea3d12300533e494215e5c2ca0cd397ec110 100644 (file)
                        $filter_id = db_escape_string($_GET["id"]);
 
                        $result = db_query($link, 
-                               "SELECT * FROM ttrss_filters WHERE id = '$filter_id'");
+                               "SELECT * FROM ttrss_filters WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
 
                        $reg_exp = htmlspecialchars(db_unescape_string(db_fetch_result($result, 0, "reg_exp")));
                        $filter_type = db_fetch_result($result, 0, "filter_type");
                                        feed_id = $feed_id,
                                        action_id = '$action_id',
                                        filter_type = '$filter_type'
-                               WHERE id = '$filter_id'");
+                               WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
                }
 
                if ($subop == "remove") {
                                $ids = split(",", db_escape_string($_GET["ids"]));
 
                                foreach ($ids as $id) {
-                                       db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id'");
+                                       db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]);
                                        
                                }
                        }