diff options
author | Isaac Bennetch <bennetch@gmail.com> | 2020-03-19 05:16:53 +0300 |
---|---|---|
committer | Isaac Bennetch <bennetch@gmail.com> | 2020-03-19 05:16:53 +0300 |
commit | 3258978c38bee8cb4b99f249dffac9c8aaea2d80 (patch) | |
tree | faace28b633712ab70a18dcfbc83555ec03cd543 /libraries | |
parent | 0184c2884edfd2c93f923960516837dba75e6227 (diff) |
More escaping of username and password.
Improves upon 89fbcd7c39e6b3979cdb2f64aa4cd5f4db27eaad
Signed-off-by: Isaac Bennetch <bennetch@gmail.com>
Diffstat (limited to 'libraries')
-rw-r--r-- | libraries/classes/Server/Privileges.php | 8 | ||||
-rw-r--r-- | libraries/classes/UserPassword.php | 10 |
2 files changed, 10 insertions, 8 deletions
diff --git a/libraries/classes/Server/Privileges.php b/libraries/classes/Server/Privileges.php index 256cd8084a..a62d111606 100644 --- a/libraries/classes/Server/Privileges.php +++ b/libraries/classes/Server/Privileges.php @@ -1971,8 +1971,8 @@ class Privileges . " `authentication_string` = '" . $hashedPassword . "', `Password` = '', " . " `plugin` = '" . $authentication_plugin . "'" - . " WHERE `User` = '" . $username . "' AND Host = '" - . $hostname . "';"; + . " WHERE `User` = '" . $GLOBALS['dbi']->escapeString($username) + . "' AND Host = '" . $GLOBALS['dbi']->escapeString($hostname) . "';"; } else { // USE 'SET PASSWORD ...' syntax for rest of the versions // Backup the old value, to be reset later @@ -1982,8 +1982,8 @@ class Privileges $orig_value = $row['@@old_passwords']; $update_plugin_query = "UPDATE `mysql`.`user` SET" . " `plugin` = '" . $authentication_plugin . "'" - . " WHERE `User` = '" . $username . "' AND Host = '" - . $hostname . "';"; + . " WHERE `User` = '" . $GLOBALS['dbi']->escapeString($username) + . "' AND Host = '" . $GLOBALS['dbi']->escapeString($hostname) . "';"; // Update the plugin for the user if (!($GLOBALS['dbi']->tryQuery($update_plugin_query))) { diff --git a/libraries/classes/UserPassword.php b/libraries/classes/UserPassword.php index 585463fe56..be7d2e41a5 100644 --- a/libraries/classes/UserPassword.php +++ b/libraries/classes/UserPassword.php @@ -114,7 +114,8 @@ class UserPassword if ($serverType == 'MySQL' && $serverVersion >= 50706 ) { - $sql_query = 'ALTER USER \'' . $username . '\'@\'' . $hostname + $sql_query = 'ALTER USER \'' . $GLOBALS['dbi']->escapeString($username) + . '\'@\'' . $GLOBALS['dbi']->escapeString($hostname) . '\' IDENTIFIED WITH ' . $orig_auth_plugin . ' BY ' . (($password == '') ? '\'\'' : '\'***\''); } elseif (($serverType == 'MySQL' @@ -182,7 +183,8 @@ class UserPassword $serverVersion = $GLOBALS['dbi']->getVersion(); if ($serverType == 'MySQL' && $serverVersion >= 50706) { - $local_query = 'ALTER USER \'' . $username . '\'@\'' . $hostname . '\'' + $local_query = 'ALTER USER \'' . $GLOBALS['dbi']->escapeString($username) + . '\'@\'' . $GLOBALS['dbi']->escapeString($hostname) . '\'' . ' IDENTIFIED with ' . $orig_auth_plugin . ' BY ' . (($password == '') ? '\'\'' @@ -208,8 +210,8 @@ class UserPassword . " `authentication_string` = '" . $hashedPassword . "', `Password` = '', " . " `plugin` = '" . $orig_auth_plugin . "'" - . " WHERE `User` = '" . $username . "' AND Host = '" - . $hostname . "';"; + . " WHERE `User` = '" . $GLOBALS['dbi']->escapeString($username) + . "' AND Host = '" . $GLOBALS['dbi']->escapeString($hostname) . "';"; } else { $local_query = 'SET password = ' . (($password == '') ? '\'\'' |