
donP

13 posts
http://www.sangelo.net
Location: Italy Rozzano (MI)
Occupation:
Age: 35
#172   2007-12-22 11:36 GMT      
In the Core Hack article about search plugin bug fixing you wrote:
Quote
The following conditions should be met for exploit to work:


* Seditio <= 121 unpatched with Search 2.0.

* magic_quotes_gpc = Off in php.ini

* MySQL >= 4.1 (supposed to be fixed in recent >=5.x.x series)

So, if my Server is running MySQL 5.0.22 can I rest in peace with my Spartan Search v.3 plugin?
donP

Kilandor

118 posts
http://www.seditioforge.com/
Location: United States TN
Occupation: Web Coder - Gamer - Game Developer(working on it)
Age: 23
#173   2007-12-22 14:50 GMT      
Maybe, dunno, would be best to just filter the incoming data.

donP

13 posts
http://www.sangelo.net
Location: Italy Rozzano (MI)
Occupation:
Age: 35
#174   2007-12-22 19:50 GMT      
Do you mean with the sed_sql_prep() suggested in your bug fix?
donP

Kilandor

118 posts
http://www.seditioforge.com/
Location: United States TN
Occupation: Web Coder - Gamer - Game Developer(working on it)
Age: 23
#175   2007-12-23 04:20 GMT      
Yes, sed_sql_prep will do things like backslash 's like \' or \" which prevents it from breaking queries.
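
An added illustration of the escaping described in the post above (not part of the thread, and not Seditio or Spartan Search code): it shows where the quoted literal ends in a search query built from raw input and from backslash-escaped input. `prep_standin()` is a hypothetical stand-in for `sed_sql_prep()` built on PHP's `addslashes()`, and the query, table and column names are constructed.

```php
<?php
// Added illustration, not Seditio or Spartan Search code.
// Stand-in for sed_sql_prep(): backslash-escape the characters that can end
// or alter a MySQL string literal. It is an assumption, used so this runs
// without a database connection.
function prep_standin(string $value): string
{
    return addslashes($value); // escapes ' " \ and NUL
}

// Hypothetical search query: the table and column names are constructed.
function build_query(string $term): string
{
    return "SELECT page_id FROM sed_pages WHERE page_title LIKE '%" . $term . "%'";
}

// Return the content of the first quoted literal in $sql and whatever follows
// it, honouring backslash escapes as MySQL does by default (doubled '' is not
// handled here).
function split_first_literal(string $sql): array
{
    $start = strpos($sql, "'");
    $len = strlen($sql);
    for ($i = $start + 1; $i < $len; $i++) {
        if ($sql[$i] === '\\') { $i++; continue; }   // escaped char stays inside the literal
        if ($sql[$i] === "'") {
            return [substr($sql, $start + 1, $i - $start - 1), substr($sql, $i + 1)];
        }
    }
    return [substr($sql, $start + 1), null];          // literal never closed
}

$term = "O'Brien";   // constructed, ordinary input that contains a quote

foreach (['raw' => $term, 'prepared' => prep_standin($term)] as $label => $value) {
    [$literal, $rest] = split_first_literal(build_query($value));
    // For raw input, part of the search term ends up outside the literal and
    // is parsed as SQL; for prepared input nothing is left over.
    printf("%-8s literal=[%s] left over as SQL=[%s]\n", $label, $literal, $rest);
}
```

Escaping only protects values that are placed inside quotes; a value interpolated into a query without quotes, such as an id or a page offset, needs an integer cast instead.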

donP

13 posts
http://www.sangelo.net
Location: Italy Rozzano (MI)
Occupation:
Age: 35
#176   2007-12-23 10:21 GMT      
Thanks. I'll try to fix Spartan 3.0 version...
donP