gnu-social/classes
Joshua Wise 3fb2c06cba Potential SQL injection in Local_group::setNickname()
This change escapes a parameter in Local_group::setNickname(). Review
of the code paths that call this function sanitize the parameter
higher up the stack, but it's escaped here to prevent mistakes later.

Note that nickname parameters are normally alphanum strings, so
there's not much danger in double-escaping them.
2013-07-16 10:11:26 -07:00
..
Avatar.php move core schema to class files 2011-08-22 17:52:02 -04:00
Config.php Quietly skip trying to load config if there's an error in DB 2011-09-08 12:01:06 -04:00
Confirm_address.php Remove sequenceKey() since we now use Managed_DataObject 2011-08-22 18:05:37 -04:00
Consumer.php move core schema to class files 2011-08-22 17:52:02 -04:00
Conversation.php move core schema to class files 2011-08-22 17:52:02 -04:00
Deleted_notice.php move core schema to class files 2011-08-22 17:52:02 -04:00
Fave.php Throw an exception converting fave to activity for non-existent notice or profile 2013-05-24 09:26:58 -04:00
File_oembed.php Remove sequenceKey() since we now use Managed_DataObject 2011-08-22 18:05:37 -04:00
File_redirection.php move core schema to class files 2011-08-22 17:52:02 -04:00
File_thumbnail.php Remove unique key on file_thumbnail.url 2011-09-28 15:48:20 -04:00
File_to_post.php move core schema to class files 2011-08-22 17:52:02 -04:00
File.php Crazy gettext way to support two plurals in one string. 2011-12-28 12:44:42 +01:00
Foreign_link.php move core schema to class files 2011-08-22 17:52:02 -04:00
Foreign_service.php move core schema to class files 2011-08-22 17:52:02 -04:00
Foreign_subscription.php move core schema to class files 2011-08-22 17:52:02 -04:00
Foreign_user.php Facebook bridge back in business with new JS-SDK and OAuth 2.0 flow. 2011-09-27 04:09:47 +00:00
Group_alias.php move core schema to class files 2011-08-22 17:52:02 -04:00
Group_block.php move core schema to class files 2011-08-22 17:52:02 -04:00
Group_inbox.php Squashed commit of the following: 2011-10-20 12:50:39 -04:00
Group_join_queue.php fix regression in group join approval due to refactoring (forgot to remove a param) 2011-03-29 16:18:51 -07:00
Group_member.php Squashed commit of the following: 2011-10-20 12:50:39 -04:00
Inbox.php Remove sequenceKey() since we now use Managed_DataObject 2011-08-22 18:05:37 -04:00
Invitation.php move core schema to class files 2011-08-22 17:52:02 -04:00
Local_group.php Potential SQL injection in Local_group::setNickname() 2013-07-16 10:11:26 -07:00
Location_namespace.php move core schema to class files 2011-08-22 17:52:02 -04:00
Login_token.php Remove sequenceKey() since we now use Managed_DataObject 2011-08-22 18:05:37 -04:00
Managed_DataObject.php Further fixes to Managed_DataObject::_allCacheKeys(): now uses self::multicacheKey() to generate the (possibly compound) keys, which makes it match the order of the keys used when calling pkeyGet(). 2011-09-29 15:21:52 -07:00
Memcached_DataObject.php Update translator documentation and i18n. 2011-08-30 11:43:27 +02:00
Message.php Bad variable in Message::asActivity() 2013-06-08 21:04:51 -04:00
Nonce.php move core schema to class files 2011-08-22 17:52:02 -04:00
Notice_inbox.php move core schema to class files 2011-08-22 17:52:02 -04:00
Notice_source.php move core schema to class files 2011-08-22 17:52:02 -04:00
Notice_tag.php Squashed commit of the following: 2011-10-20 12:50:39 -04:00
Notice.php Better ID for notice activity 2013-06-15 12:07:34 -04:00
Oauth_application_user.php move core schema to class files 2011-08-22 17:52:02 -04:00
Oauth_application.php move core schema to class files 2011-08-22 17:52:02 -04:00
Oauth_token_association.php move core schema to class files 2011-08-22 17:52:02 -04:00
Old_school_prefs.php New table for all old-school UI prefs 2011-09-24 07:12:34 -04:00
Profile_block.php move core schema to class files 2011-08-22 17:52:02 -04:00
Profile_list.php Merge commit 'refs/merge-requests/158' of git://gitorious.org/statusnet/mainline into merge-requests/158 2011-09-26 17:11:49 -04:00
Profile_role.php Squashed commit of the following: 2011-10-20 12:50:39 -04:00
Profile_tag_subscription.php move core schema to class files 2011-08-22 17:52:02 -04:00
Profile_tag.php Add missing space between two sentences. 2011-12-28 12:35:03 +01:00
Profile.php Add spam-training, spam-reviewing rights 2012-03-25 13:18:16 -04:00
Queue_item.php move core schema to class files 2011-08-22 17:52:02 -04:00
Related_group.php move core schema to class files 2011-08-22 17:52:02 -04:00
Remember_me.php Remove sequenceKey() since we now use Managed_DataObject 2011-08-22 18:05:37 -04:00
Remote_profile.php move core schema to class files 2011-08-22 17:52:02 -04:00
Reply.php Squashed commit of the following: 2011-10-20 12:50:39 -04:00
Safe_DataObject.php * i18n/L10n and translator documentation updates. 2010-09-28 23:42:18 +02:00
Schema_version.php move core schema to class files 2011-08-22 17:52:02 -04:00
Session.php move core schema to class files 2011-08-22 17:52:02 -04:00
Sms_carrier.php move core schema to class files 2011-08-22 17:52:02 -04:00
Status_network_tag.php hide errors when deleting cached status_network_tag keys 2011-06-10 18:57:17 -04:00
status_network.ini oops. really embarassing typo (that explains some weird behaviour) 2010-07-29 16:32:41 -04:00
Status_network.php Better handling for combined memcache identifiers 2011-06-10 19:13:33 -04:00
Subscription_queue.php Durr... got items in wrong order :D Fixed email notification for pending subscribes 2011-03-28 17:22:37 -07:00
Subscription.php Merge branch '1.0.x' into activity 2011-08-22 18:13:02 -04:00
Token.php move core schema to class files 2011-08-22 17:52:02 -04:00
Unavailable_status_network.php Class to store unavailable status network names 2011-04-28 15:29:13 -07:00
User_group.php move pending queue to sidebar 2011-08-27 16:05:58 -04:00
User_im_prefs.php Fix for caching with compound keys: add Managed_DataObject::_allCacheKeys() to override the one in Memcached_DataObject. 2011-09-28 18:32:43 -07:00
User_location_prefs.php move core schema to class files 2011-08-22 17:52:02 -04:00
User_urlshortener_prefs.php move core schema to class files 2011-08-22 17:52:02 -04:00
User_username.php move core schema to class files 2011-08-22 17:52:02 -04:00
User.php Use better type, title for service 2013-06-04 16:30:40 -04:00