fix sql injection vulnerability

git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@4878 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-06-22 02:55:41 +02:00 · 2004-03-28 16:38:51 +00:00
parent 234b1f13de
commit 64fe7e3167
2 changed files with 2 additions and 1 deletions
--- a/phpBB/docs/CHANGELOG.html
+++ b/phpBB/docs/CHANGELOG.html
@ -62,6 +62,7 @@ p,ul,td {font-size:10pt;}
 <li>Limited allowed images in img bbcode tag to jpg, jpeg, gif and png</li>
 <li>Fixed redirect problems - 2.0.7a</li>
 <li>Fixed sql injection vulnerability in search - 2.0.7a</li>
+<li>Fixed sql injection vulnerability in privmsg - 2.0.8a</li>
 </ul>

 <a name="206"></a><h3 class="h3">1.ii. Changes since 2.0.6</h3>
--- a/phpBB/privmsg.php
+++ b/phpBB/privmsg.php
@ -212,7 +212,7 @@ else if ( $mode == 'read' )
 			break;
 		case 'savebox':
 			$l_box_name = $lang['Savebox'];
-			$pm_sql_user .= "AND ( ( pm.privmsgs_to_userid = " . $userdata['user_id'] . "
+			$pm_sql_user = "AND ( ( pm.privmsgs_to_userid = " . $userdata['user_id'] . "
 					AND pm.privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) 
 				OR ( pm.privmsgs_from_userid = " . $userdata['user_id'] . "
 					AND pm.privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " )