[AppDB] Make screen shots safe from SQL injection

Tony Lambregts tony.lambregts at gmail.com
Mon Jun 26 21:11:17 CDT 2006


This is a subset of Chris Morgan's select_update_delete_injection.patch which 
only deals with screen shots. I had to modify admin/adminScreenshots.php to get 
rid of the quotes around the question marks that made the query fail, but 
otherwise it is the same.

I changed line 120 of admin/adminScreenshots.php like so:
from:   ORDER BY id ASC LIMIT '?', '?'", $offset, $ItemsPerPage);
to:     ORDER BY id ASC LIMIT ?, ?", $offset, $ItemsPerPage);

Change log: Makes screen shots safe from SQL injection

Files changed:
     appimage.php
     viewScreenshots.php
     admin/adminScreenshots.php
     include/db.php
     include/screenshot.php
-------------- next part --------------
A non-text attachment was scrubbed...
Name: make_screenshots_safe_from_injection.diff
Type: text/x-patch
Size: 10799 bytes
Desc: not available
Url : http://www.winehq.org/pipermail/wine-patches/attachments/20060626/51006ced/make_screenshots_safe_from_injection-0001.diff
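
An added illustration, not code from this patch or from AppDB: Python's sqlite3 stands in for AppDB's MySQL layer (the `screenshots` table and its rows are constructed) to show that a quoted `'?'` in a LIMIT clause is a string literal rather than a placeholder, and that the unquoted form should still accept only integers. AppDB's own query helper may fail differently in detail.

```python
import sqlite3

def make_db():
    """In-memory stand-in table with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE screenshots (id INTEGER PRIMARY KEY, description TEXT)")
    conn.executemany("INSERT INTO screenshots (id, description) VALUES (?, ?)",
                     [(i, f"shot {i}") for i in range(1, 8)])
    return conn

def page_quoted(conn, offset, items_per_page):
    # '?' inside quotes is a one-character string literal, not a bind marker,
    # so the statement has no placeholders for the two values passed in.
    sql = "SELECT id FROM screenshots ORDER BY id ASC LIMIT '?', '?'"
    return conn.execute(sql, (offset, items_per_page)).fetchall()

def page_bound(conn, offset, items_per_page):
    # Unquoted markers are real placeholders. LIMIT is a numeric context, so
    # refuse anything that is not a non-negative integer before binding.
    for value in (offset, items_per_page):
        if isinstance(value, bool) or not isinstance(value, int) or value < 0:
            raise ValueError(f"paging value must be a non-negative integer: {value!r}")
    sql = "SELECT id FROM screenshots ORDER BY id ASC LIMIT ?, ?"
    return [row[0] for row in conn.execute(sql, (offset, items_per_page))]

def demo():
    conn = make_db()
    results = {}
    try:
        page_quoted(conn, 2, 3)
        results["quoted"] = "ran"
    except sqlite3.Error as exc:
        results["quoted"] = f"failed: {exc}"
    results["bound"] = page_bound(conn, 2, 3)
    try:
        # Constructed hostile paging value, as it might arrive from a request.
        page_bound(conn, "0; DROP TABLE screenshots", 3)
        results["hostile"] = "accepted"
    except ValueError:
        results["hostile"] = "rejected"
    results["rows_left"] = conn.execute("SELECT COUNT(*) FROM screenshots").fetchone()[0]
    return results

if __name__ == "__main__":
    print(demo())
```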

