github
/
kratos
mirror of https://github.com/vtrois/kratos
1
0
Fork 0
Code Issues Releases Wiki Activity

fix: use $wpdb->prepare() to reduce vulnerability of sql injection (#384)

pull/386/head
n0099 2021-06-24 12:50:12 +08:00 committed by GitHub
parent 27ed0d05b8
commit 261402720a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
inc/theme-shortcode.php
View File

@ -204,8 +204,7 @@ function reply($atts, $content = null)
}
global $wpdb;
$post_id = get_the_ID();
$query = "SELECT `comment_ID` FROM {$wpdb->comments} WHERE `comment_post_ID`={$post_id} and `comment_approved`='1' and `comment_author_email`='{$userEmail}' LIMIT 1";
if ($wpdb->get_results($query)) {
if ($wpdb->get_results($wpdb->prepare("SELECT comment_ID FROM {$wpdb->comments} WHERE comment_post_ID = %d AND comment_approved = '1' AND comment_author_email = %s LIMIT 1", $post_id, $userEmail))) {
return do_shortcode($content);
} else {
return $notice;

4
inc/theme-widgets.php
View File

@ -60,7 +60,7 @@ function most_comm_posts($days = 30, $nums = 6)
date_default_timezone_set("PRC");
$today = date("Y-m-d H:i:s");
$daysago = date("Y-m-d H:i:s", strtotime($today) - ($days * 24 * 60 * 60));
$result = $wpdb->get_results("SELECT comment_count, ID, post_title, post_date FROM $wpdb->posts WHERE post_date BETWEEN '$daysago' AND '$today' and post_type='post' and post_status='publish' ORDER BY comment_count DESC LIMIT 0 , $nums");
$result = $wpdb->get_results($wpdb->prepare("SELECT comment_count, ID, post_title, post_date FROM $wpdb->posts WHERE post_date BETWEEN %s AND %s and post_type = 'post' AND post_status = 'publish' ORDER BY comment_count DESC LIMIT 0, %d", $daysago, $today, $nums));
$output = '';
if (!empty($result)) {
foreach ($result as $topten) {
@ -125,7 +125,7 @@ function string_cut($string, $sublen, $start = 0, $code = 'UTF-8') {
function latest_comments($list_number=5, $cut_length=50)
{
global $wpdb, $output;
$comments = $wpdb->get_results("SELECT comment_ID, comment_post_ID, comment_author, comment_date_gmt, comment_content FROM {$wpdb->comments} LEFT OUTER JOIN {$wpdb->posts} ON {$wpdb->comments}.comment_post_ID = {$wpdb->posts}.ID WHERE comment_approved = '1' AND (comment_type = '' OR comment_type = 'comment') AND user_id != '1' AND post_password = '' ORDER BY comment_date_gmt DESC LIMIT {$list_number}");
$comments = $wpdb->get_results($wpdb->prepare("SELECT comment_ID, comment_post_ID, comment_author, comment_date_gmt, comment_content FROM {$wpdb->comments} LEFT OUTER JOIN {$wpdb->posts} ON {$wpdb->comments}.comment_post_ID = {$wpdb->posts}.ID WHERE comment_approved = '1' AND (comment_type = '' OR comment_type = 'comment') AND user_id != '1' AND post_password = '' ORDER BY comment_date_gmt DESC LIMIT %d", $list_number));
foreach ($comments as $comment) {
$nickname = esc_attr($comment->comment_author) ?: __('匿名', 'kratos');
$output .= '<a href="' . get_the_permalink($comment->comment_post_ID) . '#commentform"> <div class="meta clearfix"> <div class="avatar float-left">' . get_avatar($comment, 60) . '</div> <div class="profile d-block"> <span class="date">' . $nickname . ' ' . __('发布于 ', 'kratos') . timeago($comment->comment_date_gmt) . '</span> <span class="message d-block">' . convert_smilies(esc_attr(string_cut(strip_tags($comment->comment_content), $cut_length))) . '</span> </div> </div> </a>';