From aed48a9aa30d52bf04bf693616dabe7a6f3d954e Mon Sep 17 00:00:00 2001
From: Fil <fil@rezo.net>
Date: Thu, 27 Feb 2003 14:23:14 +0000
Subject: [PATCH] securite

---
 ecrire/inc_auth_spip.php3 | 6 +++---
 spip_cookie.php3          | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/ecrire/inc_auth_spip.php3 b/ecrire/inc_auth_spip.php3
index ea8bdeaa41..f7a6dacf6b 100644
--- a/ecrire/inc_auth_spip.php3
+++ b/ecrire/inc_auth_spip.php3
@@ -13,7 +13,7 @@ class Auth_spip {
 	}
 
 	function verifier_challenge_md5($login, $mdpass_actuel, $mdpass_futur) {
-		$query = "SELECT * FROM spip_auteurs WHERE login='$login' AND pass='$mdpass_actuel' AND statut<>'5poubelle' AND source='spip'";
+		$query = "SELECT * FROM spip_auteurs WHERE login='$login' AND pass='".addslashes($mdpass_actuel)."' AND statut<>'5poubelle' AND source='spip'";
 		$result = spip_query($query);
 
 		if ($row = spip_fetch_array($result)) {
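Review bot: `$login` is still interpolated unescaped into the same SELECT on the new line, so the added `addslashes()` on `$mdpass_actuel` closes only half of this query, and the spip_cookie.php3 hunk of this very commit already escapes the login the same way: `$query = "SELECT * FROM spip_auteurs WHERE login='".addslashes($login)."' AND pass='".addslashes($mdpass_actuel)."' AND statut<>'5poubelle' AND source='spip'";`. The same gap remains in the activer() hunk, where the first UPDATE gets the escape but the second UPDATE's context line `"WHERE login='".$this->login."'";` is left as is and should become `"WHERE login='".addslashes($this->login)."'";`. addslashes() is a stopgap that knows nothing about the connection charset; routing every value that reaches a query through one escaping helper (or the driver's own escape/prepared-statement facility where available) would stop this fix from having to be repeated query by query. verifier_challenge_md5 and the enclosing class Auth_spip both continue outside the hunk.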
@@ -38,14 +38,14 @@ class Auth_spip {
 
 	function activer() {
 		if ($this->statut == 'nouveau') { // nouvel inscrit
-			spip_query("UPDATE spip_auteurs SET statut='1comite' WHERE login='".$this->login."'");
+			spip_query("UPDATE spip_auteurs SET statut='1comite' WHERE login='".addslashes($this->login)."'");
 		}
 		if ($this->md5next) {
 			include_ecrire("inc_session.php3");
 			// fait tourner le codage du pass dans la base
 			$nouvel_alea_futur = creer_uniqid();
 			$query = "UPDATE spip_auteurs SET alea_actuel = alea_futur, ".
-				"pass = '".$this->md5next."', alea_futur = '$nouvel_alea_futur' ".
+				"pass = '".addslashes($this->md5next)."', alea_futur = '$nouvel_alea_futur' ".
 				"WHERE login='".$this->login."'";
 			@spip_query($query);
 		}
diff --git a/spip_cookie.php3 b/spip_cookie.php3
index 341de5ef38..60ec4b0a67 100644
--- a/spip_cookie.php3
+++ b/spip_cookie.php3
@@ -100,7 +100,7 @@ if ($essai_login == "oui") {
 		$md5next = $next_session_password_md5;
 	}
 	else if ($session_password) { // mot passe en clair
-		$query = "SELECT alea_actuel, alea_futur FROM spip_auteurs WHERE login='$login' AND statut!='5poubelle'";
+		$query = "SELECT alea_actuel, alea_futur FROM spip_auteurs WHERE login='".addslashes($login)."' AND statut!='5poubelle'";
 		$result = spip_query($query);
 		if ($row = spip_fetch_array($result)) {
 			$md5pass = md5($row['alea_actuel'] . $session_password);
-- 
GitLab