Possible unfiltered user input in posts with @text' generating database error

  • Possible unfiltered user input in posts with @text' generating database error

    I am getting DB errors when @sometext' is placed in a post (to be clear, that is an at symbol, followed by text and an apostrophe, optionally with more text beyond this).

    The error raised is:

    Code:
    Database error in vBulletin 4.2.0:
    
    Invalid SQL:   SELECT
                        user.*, UNIX_TIMESTAMP(passworddate) AS passworddate, user.languageid AS saved_languageid,
                        IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid
                        
                        FROM user AS user
                        LEFT JOIN userfield AS userfield ON (user.userid = userfield.userid)
                        INNER JOIN tapatalk_users AS tt_user ON (user.userid = tt_user.userid AND tt_user.tag = 1)
                        LEFT JOIN usertextfield AS usertextfield ON (usertextfield.userid = user.userid)
                        WHERE user.username IN ('sometext')');
    
    MySQL Error   : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '')' at line 9
    Error Number  : 1064
    Request Date  : Friday, August 21st 2015 @ 10:38:18 PM
    Error Date    : Friday, August 21st 2015 @ 10:38:18 PM
    Script        : http://----------.com/newthread.php?do=postthread&f=-----
    Referrer      : http://----------.com/newthread.php?do=newthread&f=-----

    This seems like at least partially unfiltered text being sent to the database in a query. Does anyone know what the @sometext is doing? Is it akin to the Twitter username? It certainly seems to be examining the user database based on the text which follows the @ symbol.

    Can anyone shed any light on this for me?
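    To illustrate the class of failure seen in the error above (a mention token containing an apostrophe spliced into an `IN (...)` clause) and the parameterised form that avoids it, here is an added stand-alone example; it is not vBulletin or Tapatalk code, and the `@token` regex, the in-memory `user` table and the sample post text are all constructed for the demonstration.

```python
import re
import sqlite3

# Constructed sample data standing in for vBulletin's `user` table.
SAMPLE_USERS = ["alice", "bob", "sometext"]

# Assumed crude mention scanner: everything after '@' up to whitespace, apostrophes included.
MENTION_RE = re.compile(r"@([^\s@]+)")


def extract_mentions(post_text):
    """Return the raw tokens following each '@' in a post, exactly as typed."""
    return MENTION_RE.findall(post_text)


def build_naive_sql(names):
    """Concatenate the names into an IN (...) list; breaks on a stray apostrophe."""
    quoted = ", ".join("'" + n + "'" for n in names)
    return "SELECT username FROM user WHERE username IN (%s)" % quoted


def build_param_sql(names):
    """One placeholder per name; the values are bound and never touch the SQL text."""
    placeholders = ", ".join("?" for _ in names)
    return "SELECT username FROM user WHERE username IN (%s)" % placeholders, tuple(names)


def _db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE user (username TEXT)")
    conn.executemany("INSERT INTO user VALUES (?)", [(u,) for u in SAMPLE_USERS])
    return conn


def lookup_naive(post_text):
    """Run the concatenated query; returns matched names, or the database error text."""
    names = extract_mentions(post_text)
    if not names:
        return []
    try:
        return [row[0] for row in _db().execute(build_naive_sql(names))]
    except sqlite3.OperationalError as exc:
        return "DB error: %s" % exc


def lookup_param(post_text):
    """Same lookup with bound parameters; an apostrophe is just data, not syntax."""
    names = extract_mentions(post_text)
    if not names:
        return []
    sql, params = build_param_sql(names)
    return [row[0] for row in _db().execute(sql, params)]
```

    With `@sometext'` in the post, `lookup_naive` returns a syntax error from the database while `lookup_param` simply finds no such user.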

  • #2
    There isn't Username functionality in vBulletin 4.2.0. First, upgrade to 4.2.3, and then try disabling ALL of your third party addons.
