author | preed%sigkill.com <> | 2002-08-31 00:24:12 +0200 |
---|---|---|
committer | preed%sigkill.com <> | 2002-08-31 00:24:12 +0200 |
commit | aefeff9d9fe53225e9626a411b83dfc1a5adc181 (patch) | |
tree | ac0f953103dcdab6efd3924c84bd19fd8e102c56 | |
parent | 4c1922a6e893428bfbd43bc41ff4245384d8b543 (diff) | |
Bug 165221: Apostrophes not properly handled during account creation. r=joel,r2=bbaetz
-rwxr-xr-x | createaccount.cgi | 1 | ||||
-rw-r--r-- | globals.pl | 12 |
2 files changed, 10 insertions, 3 deletions
diff --git a/createaccount.cgi b/createaccount.cgi
index 79be1bb64..13256f47b 100755
--- a/createaccount.cgi
+++ b/createaccount.cgi
@@ -65,7 +65,6 @@ if (defined($login)) {
     # We've been asked to create an account.
     my $realname = trim($::FORM{'realname'});
     CheckEmailSyntax($login);
-    trick_taint($login);
     $vars->{'login'} = $login;
 
     if (!ValidateNewUser($login)) {
diff --git a/globals.pl b/globals.pl
index 21bdc46cf..624f31171 100644
--- a/globals.pl
+++ b/globals.pl
@@ -552,11 +552,19 @@ sub ValidateNewUser {
         return 0;
     }
 
+    my $sqluname = SqlQuote($username);
+
     # Reject if the new login is part of an email change which is
     # still in progress
+    #
+    # substring/locate stuff: bug 165221; this used to use regexes, but that
+    # was unsafe and required weird escaping; using substring to pull out
+    # the new/old email addresses and locate() to find the delimeter (':')
+    # is cleaner/safer
     SendSQL("SELECT eventdata FROM tokens WHERE tokentype = 'emailold'
-            AND eventdata like '%:$username'
-            OR eventdata like '$username:%'");
+            AND SUBSTRING(eventdata, 1, (LOCATE(':', eventdata) - 1)) = $sqluname
+            OR SUBSTRING(eventdata, (LOCATE(':', eventdata) + 1)) = $sqluname");
+
     if (my ($eventdata) = FetchSQLData()) {
         # Allow thru owner of token
         if($old_username && ($eventdata eq "$old_username:$username")) {
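Review bot: The rewritten WHERE clause in the globals.pl hunk still leaves the `OR` unparenthesised, so SQL precedence reads it as `(tokentype = 'emailold' AND old-half = $sqluname) OR new-half = $sqluname`, and the second branch matches eventdata rows of any token type rather than only 'emailold'. Whether that admits rows that matter depends on which other token types share the `old:new` eventdata shape, which is not visible here, but since these two lines are being rewritten anyway the grouping is cheap to make explicit: `AND (SUBSTRING(eventdata, 1, (LOCATE(':', eventdata) - 1)) = $sqluname` / `OR SUBSTRING(eventdata, (LOCATE(':', eventdata) + 1)) = $sqluname)`. Separately, for an eventdata value with no ':' LOCATE returns 0, so the second SUBSTRING yields the whole string and compares it against the username; a comment noting that this only works because emailold eventdata is always `old:new` would help the next reader. Routing the username through SqlQuote on the new `my $sqluname` line is the right fix for the apostrophe bug; ValidateNewUser's body continues outside the hunk.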