
Re: [jfw] Error validating an inscription of a user



You have 2 SQL injections in your code. Please fix those huge security
issues before going live with this.

Hannes

On 09.07.2014 00:26, Elena Atero Ureña wrote:
>
> Hi,
>
> I have a problem validating a registration by e-mail, which sends the
> user a link containing their validation key. The particular problem is
> that the view with the confirmation message is not displayed, even
> though internally it works correctly.
>
>
> In a 'helper' file I have a function that checks whether the validation
> is successful. The code is as follows:
>
> public function validarInscripcionAnual()
> {
>   // Initialise variables.
>   $app = JFactory::getApplication();
>   $model = $this->getModel('validara');
>
>   // Get the key from the request. JRequest::getVar() takes
>   // ($name, $default, $hash), so the 'get' hash is the third argument.
>   $clave = JRequest::getVar('key', '', 'get');
>
>   // Now update the loaded data in the database via a function in the model.
>   $valido = $model->validar($clave);
>
>   // Check if ok and report the result to the caller.
>   if ($valido) {
>     return true;
>   }
>   else {
>     return false;
>   }
> }
>
>
> In the model I have the function 'validar', which is called from the
> 'helper' file and performs the necessary database operations. The code
> is as follows:
>
> public function validar($clave)
> {
>   // Set the variables from the passed data.
>   $key = $clave;
>
>   // Build a query to look up the record for this key.
>   $db = JFactory::getDBO();
>   $query = $db->getQuery(true);
>
>   $query->select('*');
>   $query->from('#__anual');
>   $query->where("clave='".$key."' ");
>   $db->setQuery((string) $query);
>   $resultado = $db->loadResult();
>
>   if ($resultado == 0) {
>     return false;
>   }
>   else {
>     // Mark the record for this key as validated.
>     $query = "UPDATE #__anual SET validacion=1 WHERE clave='".$key."'";
>     $db->setQuery((string) $query);
>
>     if (!$db->query()) {
>       JError::raiseError(500, $db->getErrorMsg());
>       return false;
>     } else {
>       return true;
>     }
>   }
> }
>
>
> In the view I call the function from the 'helper' file. The code is as
> follows:
>
> public function display($tpl = null)
> {
>   // Get some data from the models.
>   $item = $this->get('Item');
>   $this->item = $item;
>   $test = InscripcionesHelper::validarInscripcionAnual();
>
>   // Check for errors.
>   if (count($errors = $this->get('Errors'))) {
>     JError::raiseError(500, implode('<br />', $errors));
>     return false;
>   }
>
>   // Display the view.
>   parent::display($tpl);
> }
>
>
> And in the view template I show a message depending on the result of
> the previous function. The code is as follows:
>
> <?php
> // No direct access to this file.
> defined('_JEXEC') or die('Restricted access');
>
> if ($test)
> {
>   echo "<h2>Enhorabuena.</h2>";                              // "Congratulations."
>   echo "<p>Su inscripcion ha sido validada con exito.</p>";  // "Your registration has been validated successfully."
>   echo "<h4>Le esperamos en la academia!</h4>";              // "We look forward to seeing you at the academy!"
> }
> else {
>   echo "Algo a ido mal";                                     // "Something went wrong"
> }
> ?>
>
> -- 
> Framework source code: https://github.com/joomla/joomla-framework
> Visit http://developer.joomla.org for more information about
> developing with Joomla!
> ---
> You received this message because you are subscribed to the Google
> Groups "Joomla! Framework Development" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to joomla-dev-framework+unsubscribe AT googlegroups.com
> <mailto:joomla-dev-framework+unsubscribe AT googlegroups.com>.
> Visit this group at http://groups.google.com/group/joomla-dev-framework.

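The two injection points Hannes is referring to are the two places in validar() where $key is concatenated straight into SQL: the SELECT that checks whether the key exists and the UPDATE that sets validacion=1. The following script is an added example, not code from this thread or from Joomla: it reproduces that query pattern in Python against an in-memory SQLite table standing in for #__anual, shows what a crafted key does to it, and puts the parameterised version beside it. The table layout, the e-mail addresses, the keys and the function names are all constructed for the example.

```python
import sqlite3

# Constructed sample data standing in for Joomla's #__anual table:
# three pending registrations, each with its own validation key.
SAMPLE_ROWS = [
    ("ana@example.org", "a1b2c3"),
    ("bruno@example.org", "d4e5f6"),
    ("carla@example.org", "g7h8i9"),
]


def make_db():
    """Create an in-memory table with the columns the posted code relies on."""
    con = sqlite3.connect(":memory:")
    con.execute(
        "CREATE TABLE anual ("
        " id INTEGER PRIMARY KEY, email TEXT, clave TEXT,"
        " validacion INTEGER NOT NULL DEFAULT 0)"
    )
    con.executemany("INSERT INTO anual (email, clave) VALUES (?, ?)", SAMPLE_ROWS)
    con.commit()
    return con


def validar_vulnerable(con, key):
    """Mirror of the posted validar(): the key is concatenated into both statements."""
    select_sql = "SELECT COUNT(*) FROM anual WHERE clave='" + key + "'"
    if con.execute(select_sql).fetchone()[0] == 0:
        return False
    update_sql = "UPDATE anual SET validacion=1 WHERE clave='" + key + "'"
    con.execute(update_sql)
    con.commit()
    return True


def validar_safe(con, key):
    """Same logic with the key passed as a bound parameter; the SQL text never changes."""
    row = con.execute("SELECT COUNT(*) FROM anual WHERE clave=?", (key,)).fetchone()
    if row[0] == 0:
        return False
    con.execute("UPDATE anual SET validacion=1 WHERE clave=?", (key,))
    con.commit()
    return True


def validated_emails(con):
    """Which registrations are currently marked as validated, sorted by e-mail."""
    rows = con.execute("SELECT email FROM anual WHERE validacion=1 ORDER BY email")
    return [r[0] for r in rows]


# A key that closes the quote and appends an always-true condition. Sent as
# ?key=' OR '1'='1 it turns the WHERE clause into: clave='' OR '1'='1'
INJECTED_KEY = "' OR '1'='1"


def run_demo():
    """Return (vulnerable result, safe result) for the same crafted key.

    Each result is a pair: whether validar() reported success, and which
    registrations ended up validated afterwards.
    """
    con = make_db()
    vuln_ok = validar_vulnerable(con, INJECTED_KEY)
    vuln_validated = validated_emails(con)

    con = make_db()
    safe_ok = validar_safe(con, INJECTED_KEY)
    safe_validated = validated_emails(con)
    return (vuln_ok, vuln_validated), (safe_ok, safe_validated)


if __name__ == "__main__":
    (v_ok, v_list), (s_ok, s_list) = run_demo()
    print("concatenated SQL: accepted =", v_ok, "validated =", v_list)
    print("bound parameter : accepted =", s_ok, "validated =", s_list)
```

With the concatenated queries the crafted key passes the existence check and the UPDATE then validates every pending registration in one request, so the impact is not just reading data but bypassing the e-mail confirmation for all accounts; with a bound parameter the same string is simply a key that matches nothing. In the Joomla model the equivalent fix is to stop building the WHERE clause by string concatenation: pass the key through $db->quote($key) when adding the condition, in both the SELECT and the UPDATE, rather than wrapping it in quotes by hand.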