gnu-social/classes at 3fb2c06cba19106c2621921379704d18b37d1810 - gnu-social - Undefined Hackers: GitHost

GNUsocial/gnu-social

History

Joshua Wise 3fb2c06cba Potential SQL injection in Local_group::setNickname()

This change escapes a parameter in Local_group::setNickname(). Review
of the code paths that call this function sanitize the parameter
higher up the stack, but it's escaped here to prevent mistakes later.

Note that nickname parameters are normally alphanum strings, so
there's not much danger in double-escaping them.

2013-07-16 10:11:26 -07:00

..

Avatar.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Config.php

Quietly skip trying to load config if there's an error in DB

2011-09-08 12:01:06 -04:00

Confirm_address.php

Remove sequenceKey() since we now use Managed_DataObject

2011-08-22 18:05:37 -04:00

Consumer.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Conversation.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Deleted_notice.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Fave.php

Throw an exception converting fave to activity for non-existent notice or profile

2013-05-24 09:26:58 -04:00

File_oembed.php

Remove sequenceKey() since we now use Managed_DataObject

2011-08-22 18:05:37 -04:00

File_redirection.php

move core schema to class files

2011-08-22 17:52:02 -04:00

File_thumbnail.php

Remove unique key on file_thumbnail.url

2011-09-28 15:48:20 -04:00

File_to_post.php

move core schema to class files

2011-08-22 17:52:02 -04:00

File.php

Crazy gettext way to support two plurals in one string.

2011-12-28 12:44:42 +01:00

Foreign_link.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Foreign_service.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Foreign_subscription.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Foreign_user.php

Facebook bridge back in business with new JS-SDK and OAuth 2.0 flow.

2011-09-27 04:09:47 +00:00

Group_alias.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Group_block.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Group_inbox.php

Squashed commit of the following:

2011-10-20 12:50:39 -04:00

Group_join_queue.php

fix regression in group join approval due to refactoring (forgot to remove a param)

2011-03-29 16:18:51 -07:00

Group_member.php

Squashed commit of the following:

2011-10-20 12:50:39 -04:00

Inbox.php

Remove sequenceKey() since we now use Managed_DataObject

2011-08-22 18:05:37 -04:00

Invitation.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Local_group.php

Potential SQL injection in Local_group::setNickname()

2013-07-16 10:11:26 -07:00

Location_namespace.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Login_token.php

Remove sequenceKey() since we now use Managed_DataObject

2011-08-22 18:05:37 -04:00

Managed_DataObject.php

Further fixes to Managed_DataObject::_allCacheKeys(): now uses self::multicacheKey() to generate the (possibly compound) keys, which makes it match the order of the keys used when calling pkeyGet().

2011-09-29 15:21:52 -07:00

Memcached_DataObject.php

Update translator documentation and i18n.

2011-08-30 11:43:27 +02:00

Message.php

Bad variable in Message::asActivity()

2013-06-08 21:04:51 -04:00

Nonce.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Notice_inbox.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Notice_source.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Notice_tag.php

Squashed commit of the following:

2011-10-20 12:50:39 -04:00

Notice.php

Better ID for notice activity

2013-06-15 12:07:34 -04:00

Oauth_application_user.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Oauth_application.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Oauth_token_association.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Old_school_prefs.php

New table for all old-school UI prefs

2011-09-24 07:12:34 -04:00

Profile_block.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Profile_list.php

Merge commit 'refs/merge-requests/158' of git://gitorious.org/statusnet/mainline into merge-requests/158

2011-09-26 17:11:49 -04:00

Profile_role.php

Squashed commit of the following:

2011-10-20 12:50:39 -04:00

Profile_tag_subscription.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Profile_tag.php

Add missing space between two sentences.

2011-12-28 12:35:03 +01:00

Profile.php

Add spam-training, spam-reviewing rights

2012-03-25 13:18:16 -04:00

Queue_item.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Related_group.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Remember_me.php

Remove sequenceKey() since we now use Managed_DataObject

2011-08-22 18:05:37 -04:00

Remote_profile.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Reply.php

Squashed commit of the following:

2011-10-20 12:50:39 -04:00

Safe_DataObject.php

* i18n/L10n and translator documentation updates.

2010-09-28 23:42:18 +02:00

Schema_version.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Session.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Sms_carrier.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Status_network_tag.php

hide errors when deleting cached status_network_tag keys

2011-06-10 18:57:17 -04:00

status_network.ini

oops. really embarassing typo (that explains some weird behaviour)

2010-07-29 16:32:41 -04:00

Status_network.php

Better handling for combined memcache identifiers

2011-06-10 19:13:33 -04:00

Subscription_queue.php

Durr... got items in wrong order :D Fixed email notification for pending subscribes

2011-03-28 17:22:37 -07:00

Subscription.php

Merge branch '1.0.x' into activity

2011-08-22 18:13:02 -04:00

Token.php

move core schema to class files

2011-08-22 17:52:02 -04:00

Unavailable_status_network.php

Class to store unavailable status network names

2011-04-28 15:29:13 -07:00

User_group.php

move pending queue to sidebar

2011-08-27 16:05:58 -04:00

User_im_prefs.php

Fix for caching with compound keys: add Managed_DataObject::_allCacheKeys() to override the one in Memcached_DataObject.

2011-09-28 18:32:43 -07:00

User_location_prefs.php

move core schema to class files

2011-08-22 17:52:02 -04:00

User_urlshortener_prefs.php

move core schema to class files

2011-08-22 17:52:02 -04:00

User_username.php

move core schema to class files

2011-08-22 17:52:02 -04:00

User.php

Use better type, title for service

2013-06-04 16:30:40 -04:00