Add the probe catcher, harmless if not probing.

377ce67b · Russ Fish · 37a342a1 · 377ce67b
Commit 377ce67b authored Mar 28, 2007 by Russ Fish
--- a/www/dbdefs.php3.in
+++ b/www/dbdefs.php3.in
@@ -648,6 +648,19 @@ function DBQuery($query)
    global	$DBErrorString;
    global      $DBlinkid;
    
+    # Support for SQL-injection vulnerability checking.  Labeled probe strings
+    # should be caught in page input argument checking before they get here.
+    $lbl = strpos($query, "**{");
+    if ( $lbl !== FALSE ) {
+	$end = strpos($query, "}**") + 3;
+	# Look for a preceeding single quote, and see if it's backslashed.
+	if ( substr($query, $lbl-1, 1) == "'" ) {
+	    $lbl--;
+	    if ( substr($query, $lbl-1, 1) == '\\' ) $lbl--;
+	}
+	USERERROR("Probe label: " . substr($query, $lbl, $end-$lbl), 1);
+    }
+
    $result = mysql_query($query, $DBlinkid);

    if (! $result) {