VirtueMart Forum

VirtueMart 2 + 3 + 4 => Virtuemart Development and bug reports => Topic started by: kyrotomia on November 14, 2011, 22:56:18 PM

Title: writeData() in the vmPlugin class is not escaped
Post by: kyrotomia on November 14, 2011, 22:56:18 PM

The vmPlugin class (components/com_virtuemart/helpers/vmplugin.php) has a function writeData($_values, $_table) that writes data to the inheriting plugin's database table.


Line 191 to 195 of the version I got (supposed to be latest)

// Original (vulnerable) version: $_val is interpolated straight into a
// single-quoted SQL literal, so a quote inside the value ends the literal.
foreach ($_values as $_col => $_val) {
   $_cols[] = "`$_col`";
   $_vals[] = "'$_val'";
}
$_db = JFactory::getDBO();


This has some issues with string values, as they are not escaped, leading to potential problems. Those lines should read:


// Proposed version: fetch the database object first so that each value
// can be run through its getEscaped() before being quoted.
$_db = JFactory::getDBO();
foreach ($_values as $_col => $_val) {
   $_cols[] = "`$_col`";
   $_vals[] = "'{$_db->getEscaped($_val)}'";
}


This way, string insertion is safer and causes no more problems.
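To make the difference between the two loops concrete, here is an added example (not VirtueMart or Joomla code). It builds the same INSERT that writeData() assembles, once with raw interpolation and once with the value escaped, and prints the resulting SQL for a benign value and for a constructed hostile one. The FakeDbo class is a hypothetical stand-in for the object returned by JFactory::getDBO(): it implements only a getEscaped() modelled on MySQL backslash escaping. The table name and the input arrays are constructed for the demonstration.

```php
<?php
// Added example, not VirtueMart or Joomla code. FakeDbo is a hypothetical
// stand-in for JFactory::getDBO() and implements only getEscaped(), modelled
// on MySQL-style backslash escaping of the characters that end or alter a
// quoted string literal.
class FakeDbo
{
    public function getEscaped(string $text): string
    {
        return strtr($text, [
            '\\'   => '\\\\',
            "'"    => "\\'",
            '"'    => '\\"',
            "\0"   => '\\0',
            "\n"   => '\\n',
            "\r"   => '\\r',
            "\x1a" => '\\Z',
        ]);
    }
}

// Same shape as the original loop in the post: the value is interpolated
// into the SQL literal unescaped.
function buildInsertUnescaped(array $values, string $table): string
{
    $cols = [];
    $vals = [];
    foreach ($values as $col => $val) {
        $cols[] = "`$col`";
        $vals[] = "'$val'";
    }
    return 'INSERT INTO `' . $table . '` (' . implode(', ', $cols)
         . ') VALUES (' . implode(', ', $vals) . ')';
}

// Same shape as the corrected loop: every value passes through getEscaped()
// before it is wrapped in quotes.
function buildInsertEscaped(array $values, string $table, FakeDbo $db): string
{
    $cols = [];
    $vals = [];
    foreach ($values as $col => $val) {
        $cols[] = "`$col`";
        $vals[] = "'{$db->getEscaped($val)}'";
    }
    return 'INSERT INTO `' . $table . '` (' . implode(', ', $cols)
         . ') VALUES (' . implode(', ', $vals) . ')';
}

$db    = new FakeDbo();
$table = 'jos_virtuemart_paymentmethods'; // constructed table name

// Constructed inputs: a legitimate name containing an apostrophe, and a
// value that closes the literal early and smuggles a second row into the
// same INSERT statement.
$benign  = ['name' => "O'Reilly", 'notes' => 'ok'];
$hostile = ['name' => "x', 'y'), ('admin", 'notes' => 'injected'];

// Unescaped: the apostrophe in O'Reilly produces a syntax error.
echo buildInsertUnescaped($benign, $table), PHP_EOL;
// Escaped: the literal becomes 'O\'Reilly' and the statement is valid.
echo buildInsertEscaped($benign, $table, $db), PHP_EOL;
// Unescaped: VALUES ('x', 'y'), ('admin', 'injected') inserts two rows.
echo buildInsertUnescaped($hostile, $table), PHP_EOL;
// Escaped: the whole payload stays inside one literal, one row is inserted.
echo buildInsertEscaped($hostile, $table, $db), PHP_EOL;
```

The benign case is the one the original post is about (a plain string with a quote breaks the statement); the hostile case shows why the same defect matters for security, since any value that reaches writeData() from untrusted input can rewrite the statement. Note that the column names in `$_cols` are interpolated unescaped as well in both versions of the loop; the post's fix only covers the values, so the array keys handed to writeData() should not come from user input.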
Title: Re: writeData() in the vmPlugin class is not escaped
Post by: Milbo on November 15, 2011, 21:04:00 PM
This function is completely replaced already; take a look at the SVN.