From 4410169645f1167f453b9ccd761d0bdae570c0d3 Mon Sep 17 00:00:00 2001
From: yamamoto
Date: Mon, 1 Aug 2022 10:44:38 +0900
Subject: [PATCH 1/4] Update example2.extender.inc.php

---
 .../snippets/ditto/extenders/example2.extender.inc.php | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/assets/snippets/ditto/extenders/example2.extender.inc.php b/assets/snippets/ditto/extenders/example2.extender.inc.php
index 2676e12f8e..cd686e6138 100644
--- a/assets/snippets/ditto/extenders/example2.extender.inc.php
+++ b/assets/snippets/ditto/extenders/example2.extender.inc.php
@@ -2,8 +2,7 @@
 /*
 * Title: Example2
- * Purpose:
- * Example file for basing new Extenders on
+ * Purpose: Example file for basing new Extenders on
 */
 // ---------------------------------------------------
@@ -12,9 +11,9 @@
 // ---------------------------------------------------
 $placeholders['example'] = array(
- array('pagetitle', '*') , 'exampleFunction' , 'pagetitle'
+ array('pagetitle', '*'), 'exampleFunction', 'pagetitle'
 );
 // Variable: $placeholders['example']
 // Add the placeholder example to the custom placeholders list

From b99aed91ee6be608350dbdb8ca7a0358f9faf319 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 25 Dec 2025 04:12:39 +0000
Subject: [PATCH 2/4] Initial plan

From cc842001ca702db6bfe74db6b0206d54d194a57e Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 25 Dec 2025 04:16:41 +0000
Subject: [PATCH 3/4] Fix SQL injection vulnerability by escaping $value in where() function

Co-authored-by: yama <73999+yama@users.noreply.github.com>
---
 manager/includes/extenders/ex_dbapi.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/manager/includes/extenders/ex_dbapi.php b/manager/includes/extenders/ex_dbapi.php
index 8161bbc252..3a2402dfcb 100644
--- a/manager/includes/extenders/ex_dbapi.php
+++ b/manager/includes/extenders/ex_dbapi.php
@@ -46,7 +46,7 @@ function where($field, $op, $value = null)
 }
 return sprintf(
 strpos($field, '`') === false ? '`%s` %s "%s"' : '%s %s "%s"',
- $field, $op, $value
+ $field, $op, db()->escape($value)
 );
 }

From 2392a9c8f05240b5124cff03539951e063a720a2 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Thu, 25 Dec 2025 04:18:44 +0000
Subject: [PATCH 4/4] Use single quotes for SQL values in where() function

Co-authored-by: yama <73999+yama@users.noreply.github.com>
---
 manager/includes/extenders/ex_dbapi.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/manager/includes/extenders/ex_dbapi.php b/manager/includes/extenders/ex_dbapi.php
index 3a2402dfcb..3dfd685929 100644
--- a/manager/includes/extenders/ex_dbapi.php
+++ b/manager/includes/extenders/ex_dbapi.php
@@ -45,7 +45,7 @@ function where($field, $op, $value = null)
 $op = '=';
 }
 return sprintf(
- strpos($field, '`') === false ? '`%s` %s "%s"' : '%s %s "%s"',
+ strpos($field, '`') === false ? '`%s` %s \'%s\'' : '%s %s \'%s\'',
 $field, $op, db()->escape($value)
 );
 }
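Review bot: The escape added on the `$field, $op, db()->escape($value)` line covers only `$value`; `$field` and `$op` are still placed into the returned SQL fragment verbatim, so `where()` remains injectable wherever a caller passes request-derived column or operator names, and the PATCH 4/4 hunk, which only switches the value quoting to single quotes, leaves that gap in place. Because the function returns a string rather than binding a parameter, the available mitigation is to constrain those two inputs before the `return sprintf(`, e.g. `if (!in_array($op, ['=', '!=', '<>', '<', '<=', '>', '>=', 'LIKE', 'NOT LIKE'], true)) { throw new InvalidArgumentException('unsupported operator'); }` plus a check that `$field` contains only identifier characters (letters, digits, underscore, dot and the backtick the existing `strpos` test already anticipates). What `db()->escape()` does with a non-string `$value` (the parameter defaults to `null`) is not visible in this hunk; it presumably wraps the driver's real-escape call, which must run against the live connection's charset for the `'%s'` wrapping in PATCH 4/4 to be safe, so that is worth confirming in the `db()` implementation. `where()` begins before the hunk.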