Commit Graph

13 Commits

Author SHA1 Message Date
mikelittle 1aebecad96 Fix remote SQL injection exploit.
"b2 0.6.2 and prior" allow sql injection in ./blog.header.php. $posts isn�t
convert to integer, so we can inject a sql in this variable. In MySQL 4.x
UNION and subselects can be used to obtain privileges.


git-svn-id: http://svn.automattic.com/wordpress/trunk@153 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2003-06-04 00:14:49 +00:00
mikelittle 3b1ee8f5ab Removed erroneous require of wp-db
Added missing require of wp-db to b2config
Moved links tables tt b2config
Fixed definition of extra db vars


git-svn-id: http://svn.automattic.com/wordpress/trunk@152 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2003-06-03 23:15:14 +00:00
mikelittle cacc4ed4fd Fix to use ezsql
git-svn-id: http://svn.automattic.com/wordpress/trunk@144 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2003-06-01 20:59:33 +00:00
saxmatt 96459f6958 Only display published entries.
git-svn-id: http://svn.automattic.com/wordpress/trunk@142 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2003-06-01 14:49:04 +00:00
saxmatt d37d5204a9 ezSQL mods.
git-svn-id: http://svn.automattic.com/wordpress/trunk@114 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2003-05-29 14:04:30 +00:00
saxmatt 0c41ba8305 Earlier path fix that was missed.
git-svn-id: http://svn.automattic.com/wordpress/trunk@107 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2003-05-26 13:31:55 +00:00
mikelittle b7aa3cdd7d Fixed html headers
git-svn-id: http://svn.automattic.com/wordpress/trunk@101 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2003-05-25 23:38:03 +00:00
saxmatt cc77c8a815 Old fix back.
git-svn-id: http://svn.automattic.com/wordpress/trunk@98 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2003-05-25 21:20:59 +00:00
saxmatt 91de6b846c New path system.
git-svn-id: http://svn.automattic.com/wordpress/trunk@96 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2003-05-25 12:43:31 +00:00
mikelittle debf2f7147 Removed $pathserver. Now use $siteurl everywhere.
git-svn-id: http://svn.automattic.com/wordpress/trunk@83 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2003-05-24 21:50:22 +00:00
saxmatt 1f74b4d30c Pingback fix.
git-svn-id: http://svn.automattic.com/wordpress/trunk@57 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2003-05-23 13:49:48 +00:00
saxmatt 05ea50a8c9 Removed aggresive assumption.
git-svn-id: http://svn.automattic.com/wordpress/trunk@52 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2003-05-23 12:39:05 +00:00
saxmatt b43564cb29 *** empty log message ***
git-svn-id: http://svn.automattic.com/wordpress/trunk@3 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2003-04-01 14:12:34 +00:00