From b89d5a2bf48c2c1eb796963b3401aca498618ec4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Wed, 19 Feb 2014 13:25:28 +0100 Subject: [fix] security problems with tags --- inc/poche/Database.class.php | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) (limited to 'inc/poche/Database.class.php') diff --git a/inc/poche/Database.class.php b/inc/poche/Database.class.php index 58583bf5..3332b5a3 100644 --- a/inc/poche/Database.class.php +++ b/inc/poche/Database.class.php @@ -344,30 +344,36 @@ class Database { return $this->getHandle()->lastInsertId($column); } - public function retrieveAllTags() { - $sql = "SELECT * FROM tags"; - $query = $this->executeQuery($sql, array()); + public function retrieveAllTags($user_id) { + $sql = "SELECT tags.* FROM tags + LEFT JOIN tags_entries ON tags_entries.tag_id=tags.id + LEFT JOIN entries ON tags_entries.entry_id=entries.id + WHERE entries.user_id=?"; + $query = $this->executeQuery($sql, array($user_id)); $tags = $query->fetchAll(); return $tags; } - public function retrieveTag($id) { + public function retrieveTag($id, $user_id) { $tag = NULL; - $sql = "SELECT * FROM tags WHERE id=?"; - $params = array(intval($id)); + $sql = "SELECT tags.* FROM tags + LEFT JOIN tags_entries ON tags_entries.tag_id=tags.id + LEFT JOIN entries ON tags_entries.entry_id=entries.id + WHERE tags.id=? AND entries.user_id=?"; + $params = array(intval($id), $user_id); $query = $this->executeQuery($sql, $params); $tag = $query->fetchAll(); return isset($tag[0]) ? $tag[0] : null; } - public function retrieveEntriesByTag($tag_id) { + public function retrieveEntriesByTag($tag_id, $user_id) { $sql = "SELECT entries.* FROM entries LEFT JOIN tags_entries ON tags_entries.entry_id=entries.id - WHERE tags_entries.tag_id = ?"; - $query = $this->executeQuery($sql, array($tag_id)); + WHERE tags_entries.tag_id = ? AND entries.user_id=?"; + $query = $this->executeQuery($sql, array($tag_id, $user_id)); $entries = $query->fetchAll(); return $entries; -- cgit v1.2.3