james/fembooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

only sql-escape if we're going to the database, not the accelerator

Browse Source
This commit is contained in:
Shish 2019-06-16 19:25:40 +01:00
parent e232811e8c
commit 1d10baa719
3 changed files with 22 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
core/imageboard/image.php
View File

@ -198,6 +198,10 @@ class Image
$yays = 0; $yays = 0;
$nays = 0; $nays = 0;
foreach ($tag_conditions as $tq) { foreach ($tag_conditions as $tq) {
if (strpos($tq->tag, "*") !== false) {
// can't deal with wildcards
return null;
}
if ($tq->positive) { if ($tq->positive) {
$yays++; $yays++;
$ret["yays"][] = $tq->tag; $ret["yays"][] = $tq->tag;
@ -354,12 +358,8 @@ class Image
$img_conditions[] = new ImgCondition($querylet, $positive); $img_conditions[] = new ImgCondition($querylet, $positive);
} }
} else { } else {
// if the whole match is wild, skip this; // if the whole match is wild, skip this
// if not, translate into SQL
if (str_replace("*", "", $term) != "") { if (str_replace("*", "", $term) != "") {
$term = str_replace('_', '\_', $term);
$term = str_replace('%', '\%', $term);
$term = str_replace('*', '%', $term);
$tag_conditions[] = new TagCondition($term, $positive); $tag_conditions[] = new TagCondition($term, $positive);
} }
} }
@ -912,7 +912,7 @@ class Image
GROUP BY images.id GROUP BY images.id
) AS images ) AS images
WHERE 1=1 WHERE 1=1
"), ["tag"=>$tag_conditions[0]->tag]); "), ["tag"=>Tag::sqlify($tag_conditions[0]->tag)]);
} }
// more than one positive tag, or more than zero negative tags // more than one positive tag, or more than zero negative tags
@ -986,7 +986,7 @@ class Image
FROM tags FROM tags
WHERE SCORE_STRNORM(tag) LIKE SCORE_STRNORM(:tag) WHERE SCORE_STRNORM(tag) LIKE SCORE_STRNORM(:tag)
"), "),
["tag" => $tq->tag] ["tag" => Tag::sqlify($tq->tag)]
); );
if ($tq->positive) { if ($tq->positive) {
$positive_tag_id_array = array_merge($positive_tag_id_array, $tag_ids); $positive_tag_id_array = array_merge($positive_tag_id_array, $tag_ids);
@ -1062,7 +1062,7 @@ class Image
foreach ($tag_conditions as $tq) { foreach ($tag_conditions as $tq) {
$sign = $tq->positive ? "+" : "-"; $sign = $tq->positive ? "+" : "-";
$sql .= ' '.$sign.' IF(SUM(tag LIKE :tag'.Image::$tag_n.'), 1, 0)'; $sql .= ' '.$sign.' IF(SUM(tag LIKE :tag'.Image::$tag_n.'), 1, 0)';
$terms['tag'.Image::$tag_n] = $tq->tag; $terms['tag'.Image::$tag_n] = Tag::sqlify($tq->tag);
Image::$tag_n++; Image::$tag_n++;
} }
$tag_search = new Querylet($sql, $terms); $tag_search = new Querylet($sql, $terms);
@ -1076,7 +1076,7 @@ class Image
FROM tags FROM tags
WHERE SCORE_STRNORM(tag) LIKE SCORE_STRNORM(:tag) WHERE SCORE_STRNORM(tag) LIKE SCORE_STRNORM(:tag)
"), "),
["tag" => $tq->tag] ["tag" => Tag::sqlify($tq->tag)]
); );
$tag_id_array = array_merge($tag_id_array, $tag_ids); $tag_id_array = array_merge($tag_id_array, $tag_ids);

8
core/imageboard/tag.php
View File

@ -100,4 +100,12 @@ class Tag
return $tag_array; return $tag_array;
} }
public static function sqlify(string $term): string
{
$term = str_replace('_', '\_', $term);
$term = str_replace('%', '\%', $term);
$term = str_replace('*', '%', $term);
return $term;
}
} }

2
ext/view/main.php
View File

@ -126,7 +126,7 @@ class ViewImage extends Extension
$page->set_mode("redirect"); $page->set_mode("redirect");
$page->set_redirect(make_link("post/view/{$image->id}", $query)); $page->set_redirect(make_link("post/view/{$image->id}", $query));
} elseif ($event->page_matches("post/view")) { } elseif ($event->page_matches("post/view")) {
if(!is_numeric($event->get_arg(0))) { if (!is_numeric($event->get_arg(0))) {
// For some reason there exists some very broken mobile client // For some reason there exists some very broken mobile client
// who follows up every request to '/post/view/123' with // who follows up every request to '/post/view/123' with
// '/post/view/12300000000000Image 123: tags' which spams the // '/post/view/12300000000000Image 123: tags' which spams the