From: Andrew Dolgov
Date: Mon, 22 May 2006 05:13:44 +0000 (+0100)
Subject: security fixes in filter editor
X-Git-Tag: 1.2.0~41
X-Git-Url: https://git.wh0rd.org/?a=commitdiff_plain;h=9cd30721df336c149601ee07210dc1a553ce586d;p=tt-rss.git

security fixes in filter editor
---
diff --git a/backend.php b/backend.php
index dd94a93b..2ffbea3d 100644
--- a/backend.php
+++ b/backend.php
@@ -2099,7 +2099,7 @@
 $filter_id = db_escape_string($_GET["id"]);
 $result = db_query($link,
- "SELECT * FROM ttrss_filters WHERE id = '$filter_id'");
+ "SELECT * FROM ttrss_filters WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
 $reg_exp = htmlspecialchars(db_unescape_string(db_fetch_result($result, 0, "reg_exp")));
 $filter_type = db_fetch_result($result, 0, "filter_type");
@@ -2199,7 +2199,7 @@
 feed_id = $feed_id,
 action_id = '$action_id',
 filter_type = '$filter_type'
- WHERE id = '$filter_id'");
+ WHERE id = '$filter_id' AND owner_uid = " . $_SESSION["uid"]);
 }
 if ($subop == "remove") {
@@ -2209,7 +2209,7 @@
 $ids = split(",", db_escape_string($_GET["ids"]));
 foreach ($ids as $id) {
- db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id'");
+ db_query($link, "DELETE FROM ttrss_filters WHERE id = '$id' AND owner_uid = ". $_SESSION["uid"]);
 }
 }
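Review bot: The added `owner_uid` predicate makes the SELECT return no rows for a filter the caller does not own, but the following context line still calls `db_fetch_result($result, 0, "reg_exp")` on row 0 unconditionally, so a denied request proceeds with empty values rather than failing closed. A row-count guard right after the query (e.g. using the DB layer's row-count helper, if it has one, `if (… == 0) { return; }`) before the two fetches would make the rejection explicit. The session uid is also concatenated into the statement unquoted; a single `$owner_uid = (int) $_SESSION["uid"];` keeps the query well-formed if the session value is missing or non-numeric, and the same cast would suit `$filter_id`, which is an integer key currently escaped as a string. The enclosing handler starts outside the hunk, so an earlier login/session check may already cover the unset-session case.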
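Review bot: The new `owner_uid` predicate limits which filter row the UPDATE touches, but the context line `feed_id = $feed_id,` still assigns whatever feed id the request supplied, so unless ownership of `$feed_id` is validated earlier in the handler (outside the hunk) a user can point their own filter at another user's feed id. A check that `$feed_id` belongs to the session uid (or is whatever sentinel the schema uses for "all feeds", if any) before the UPDATE would close that gap. As in the SELECT above, the uid is concatenated unquoted; computing `$owner_uid = (int) $_SESSION["uid"];` once at the top of the handler and reusing it in all three statements would be both tidier and safer. The handler's body begins outside the hunk.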
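Review bot: The DELETE is driven by `$_GET["ids"]`, a state-changing action on a GET request with no CSRF token check visible in the hunk, so the new `owner_uid` predicate stops cross-user deletion but not a forged link that deletes the victim's own filters; unless a token is verified earlier in the handler (outside the hunk), this path should require a POST plus a session-bound token. Separately, each `$id` is interpolated as a string after one `db_escape_string` over the whole comma-joined input; since ids are integer keys, `$id = (int) $id;` inside the loop, together with `(int) $_SESSION["uid"]` for the owner, is a stronger guarantee than escaping and avoids a malformed statement if the session value is unset.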