Fixes security issue in User::getLogin introduced in 7de5cd885589022b78b29d7881ec9922...
authorStéphane Jacob <sj@m4x.org>
Sat, 5 Nov 2011 17:13:34 +0000 (18:13 +0100)
committerStéphane Jacob <sj@m4x.org>
Sat, 5 Nov 2011 17:13:34 +0000 (18:13 +0100)
Signed-off-by: Stéphane Jacob <sj@m4x.org>
classes/user.php

index a0b28ea..7723c3f 100644 (file)
@@ -83,10 +83,10 @@ class User extends PlUser
         }
 
         // Checks whether $login is a valid hruid or not.
-        $res = XDB::query("SELECT  uid
+        $res = XDB::query('SELECT  uid
                              FROM  accounts
-                            WHERE  hruid LIKE CONCAT('%', {?}, '%')", $login);
-        if ($res->numRows()) {
+                            WHERE  hruid' . XDB::formatWildcards(XDB::WILDCARD_CONTAINS, $login));
+        if ($res->numRows() == 1) {
             return $res->fetchOneCell();
         }
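Review bot: The new `numRows() == 1` guard stops the first of several substring hits from being returned, but the lookup is still a CONTAINS match, so when exactly one hruid happens to contain `$login` the returned uid can belong to an account other than the one the caller named; if this fallback is intentional it deserves a comment such as `// Substring lookup: resolve only on an unambiguous single hit, never the first of several.` placed above the query. The safety of the rewritten query now rests on `XDB::formatWildcards()` escaping the LIKE metacharacters `%` and `_` as well as quoting `$login`, which cannot be confirmed from this hunk and should be checked before relying on it. The comparison should be strict, `if ($res->numRows() === 1) {`, so a non-integer return from numRows() cannot satisfy the guard by loose equality. The enclosing method starts and ends outside the hunk.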