From 8b6999b5bf0e8889bf81681ba9f8067ff4decfce Mon Sep 17 00:00:00 2001 From: Harald Eilertsen Date: Sun, 29 Jan 2023 13:57:03 +0100 Subject: Fix concert limit/offset queries. - offset and limit were sensitive to the order in which they were added, and would be reversed if added in the wrong order. That was a bit confusing. - offset and limit were not sanitized, so they were a vector for SQL injecion. Fixed that now. --- includes/class-giglogadmin-concert.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'includes') diff --git a/includes/class-giglogadmin-concert.php b/includes/class-giglogadmin-concert.php index 94b1902..c277648 100644 --- a/includes/class-giglogadmin-concert.php +++ b/includes/class-giglogadmin-concert.php @@ -209,7 +209,8 @@ if ( ! class_exists( 'GiglogAdmin_Concert' ) ) { ); $where = array(); - $lmt = array(); + $offset = 0; + $limit = 15; foreach ( $filter as $key => $value ) { switch ( $key ) { case 'name': @@ -230,11 +231,11 @@ if ( ! class_exists( 'GiglogAdmin_Concert' ) ) { break; case 'offset': - array_push( $lmt, $value ); + $offset = intval( $value ); break; case 'limit': - array_push( $lmt, $value ); + $limit = intval( $value ); break; } } @@ -246,7 +247,7 @@ if ( ! class_exists( 'GiglogAdmin_Concert' ) ) { $query .= ' ORDER BY wpgconcert_date'; if ( ! empty( $lmt ) ) { - $query .= ' LIMIT ' . implode( ', ', $lmt ); + $query .= " LIMIT {$offset},{$limit}"; } return $query; -- cgit v1.2.3