News:

You may pay someone to create your store, or you visit our seminar and become a professional yourself with the silver certification

Main Menu

writeData() in the vmPlugin class is not escaped

Started by kyrotomia, November 14, 2011, 22:56:18 PM

Previous topic - Next topic

kyrotomia


The vmPlugin Class (components/com_virtuemart/helpers/vmplugin.php) has a function writeData($_values, $_table) that write data to the inherited plugin's database.


Line 191 to 195 of the version I got (supposed to be latest)

foreach ($_values as $_col => $_val) {
   $_cols[] = "`$_col`";
   $_vals[] = "'$_val'";
}
$_db = JFactory::getDBO();


This has some issue with string values as they are not escaped, leading to potential problems. Those line should reads :


$_db = JFactory::getDBO();
foreach ($_values as $_col => $_val) {
   $_cols[] = "`$_col`";
   $_vals[] = "'{$_db->getEscaped($_val)}'";
}


This way, string insertion is safer and causes no more problems.

Milbo

This function is completly replaced already take a look to the svn.
Should I fix your bug, please support the VirtueMart project and become a member
______________________________________
Extensions approved by the core team: http://extensions.virtuemart.net/