I just implemented a new Pagination for Search, and upon having detected several vulnerabilities in the gamesitescript (GSS) Search function for 4.0 and 4.5 versions I am going to post a fix.
This fix also allows you to set the minimum search characters.
SQLi Vulnerability in 4.0/4.5 versions:
http://gangsplanet.com/index.php?params=search&q=27
Search also allows searching with non-alphanumeric chars (like %, !, #, etc.):
http://gangsplanet.com/index.php?params=search&q=%25
What I have done to fix this on my site is to revamp the entire Search function and add input sanitizing. Barring a rewrite of the entire Search function, here is how to fix the SQL issue and set Search to 3 characters:
Open /plugins/search/functions.php
find:
PHP Code:
if ($query == '') {
    $qblank = true;
}
Change to:
PHP Code:
if ($query == '' || $query == '27' || strlen($query) < 3) {
    $qblank = true;
}
If you want to see how the pagination works, or how the above works, test it here:
http://www.havocarcade.com/search/shooter/1.html



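Added example, not part of the original post and not GSS's own code: the same 3-character minimum combined with a character allowlist and a bound query parameter, so the search term never becomes part of the SQL text. It assumes PHP with the pdo_sqlite extension; the table `games`, the column `title` and both function names are hypothetical, and the rows are constructed sample data.

```php
<?php
// Added example, not GSS code. Table `games`, column `title` and the
// function names are hypothetical; the 3-character minimum is from the post.
const MIN_SEARCH_CHARS = 3;

// Returns the cleaned search term, or null when the search should be
// treated as blank (the post's $qblank = true case).
function clean_search_term(string $raw): ?string
{
    $term = trim($raw);
    // Allow only letters, digits and spaces, so %, !, # and quotes are refused.
    if (!preg_match('/^[A-Za-z0-9 ]+$/', $term)) {
        return null;
    }
    return strlen($term) >= MIN_SEARCH_CHARS ? $term : null;
}

// Runs the search with a bound parameter, so the term is never
// concatenated into the SQL text.
function search_games(PDO $db, string $raw): array
{
    $term = clean_search_term($raw);
    if ($term === null) {
        return [];
    }
    $stmt = $db->prepare('SELECT title FROM games WHERE title LIKE :q ORDER BY title');
    $stmt->execute([':q' => '%' . $term . '%']);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed sample data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE games (title TEXT)');
$db->exec("INSERT INTO games VALUES ('Space Shooter'), ('Zombie Shooter'), ('Chess')");

// Constructed inputs: one valid term, a quote, a wildcard, a too-short term.
foreach (['shooter', "'", '%', 'ab'] as $q) {
    printf("%-8s => %s\n", $q, json_encode(search_games($db, $q)));
}
```

The allowlist decides which searches are accepted; the prepared statement is what keeps the query safe even if the allowlist is later loosened.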
