sanitize all short code attributes

the-events-calendar · Feb 25, 2023 · ac4f291 · ac4f291
1 parent aa79b1a
commit ac4f291
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 0 deletions.
diff --git a/gigpress.php b/gigpress.php
@@ -404,6 +404,16 @@ function gigpress_prepare( $show, $scope = 'public' ) {
 }
 
 
+function gigpress_sanitize_sort($sort_value, $default = false, $safe_values = array('asc', 'desc')) {
+    if (!in_array($sort_value, $safe_values, true)) {
+        // DEBUG
+        debug_log('hui, seems, to have an SQL injection attempt here? "'. $sort_value . '"');
+        return $default;
+    }
+    return $sort_value;
+}
+
+
 function gigpress_related_link( $postid, $format) {
 
 	if ( $postid == 0 ) return;

diff --git a/output/gigpress_related.php b/output/gigpress_related.php
@@ -17,6 +17,8 @@ function gigpress_show_related($args = array(), $content = '') {
 			'sort' => 'asc'
 		), $args));
 
+		$sort = gigpress_sanitize_sort($sort, $default = 'asc');
+
 		// Date conditionals based on scope
 		switch($scope) {
 			case 'upcoming':

diff --git a/output/gigpress_shows.php b/output/gigpress_shows.php
@@ -44,6 +44,8 @@ function gigpress_shows( $filter = null, $content = null ) {
 		), $filter )
 	);
 
+	$sort = gigpress_sanitize_sort($sort);
+
 	$total_artists = $wpdb->get_var( "SELECT count(*) from " . GIGPRESS_ARTISTS );
 
 	// Date conditionals and sorting based on scope
@@ -347,6 +349,8 @@ function gigpress_menu( $options = null ) {
 		'sort'       => 'desc',
 	), $options ) );
 
+	$sort = gigpress_sanitize_sort($sort, $default='desc');
+
 	$base .= ( strpos( $base, '?' ) === false ) ? '?' : '&amp;';
 
 	// Date conditionals based on scope