[wp-trac] Re: [WordPress Trac] #5455: Charset SQL Injection
Vulnerability
WordPress Trac
wp-trac at lists.automattic.com
Wed Dec 12 10:52:26 GMT 2007
#5455: Charset SQL Injection Vulnerability
-----------------------+----------------------------------------------------
Reporter: pishmishy | Owner: pishmishy
Type: defect | Status: assigned
Priority: normal | Milestone: 2.5
Component: Security | Version: 2.4
Severity: normal | Resolution:
Keywords: |
-----------------------+----------------------------------------------------
Comment (by ryan):
We tried mysql_real_escape_string() some time ago and it caused lots of
problems. That was before mysql_set_charset() came along, however. I
think if mysql_set_charset() is available and DB_CHARSET is set, we can
safely use mysql_real_escape_string().
Let's try something like this. In wpdb::__construct(), call
mysql_set_charset(), if it exists, instead of SET NAMES. Flag the fact
that we've called mysql_set_charset(). Check this flag in wpdb::escape()
and call mysql_real_escape_string() if the charset was set with
mysql_set_charset(). If the charset was set with SET NAMES or not set at
all, use addslashes().
--
Ticket URL: <http://trac.wordpress.org/ticket/5455#comment:7>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list