[Bug 19621] Add-on: statistics per namespace
https://bugzilla.wikimedia.org/show_bug.cgi?id=19621 --- Comment #4 from Al Maghi alfred.ma...@gmail.com 2009-07-14 12:31:53 UTC --- (In reply to comment #3) That shouldn't work. If it does, that's an SQL injection vulnerability. Is it not rather a selection than an injection; indeed that query does not change the DB: 'SELECT ... FROM ... WHERE rev_page=page_id AND page_namespace=0 AND page_is_redirect=0' -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 19621] Add-on: statistics per namespace
https://bugzilla.wikimedia.org/show_bug.cgi?id=19621 --- Comment #2 from Al Maghi alfred.ma...@gmail.com 2009-07-13 18:04:04 UTC --- (In reply to comment #1) Add to query (line159) AND page_is_redirect=0 to get rid of statistics on redirects. Better adding: AND page_is_redirect=0 in function DisplayForm line 387: option value='=0 AND page_is_redirect=0' selected. wfMsg('usagestatisticsnsmain') . -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 19621] Add-on: statistics per namespace
https://bugzilla.wikimedia.org/show_bug.cgi?id=19621 Roan Kattouw roan.katt...@gmail.com changed: What|Removed |Added CC||roan.katt...@gmail.com --- Comment #3 from Roan Kattouw roan.katt...@gmail.com 2009-07-13 18:07:03 UTC --- (In reply to comment #2) (In reply to comment #1) Add to query (line159) AND page_is_redirect=0 to get rid of statistics on redirects. Better adding: AND page_is_redirect=0 in function DisplayForm line 387: option value='=0 AND page_is_redirect=0' selected. wfMsg('usagestatisticsnsmain') . That shouldn't work. If it does, that's an SQL injection vulnerability. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 19621] Add-on: statistics per namespace
https://bugzilla.wikimedia.org/show_bug.cgi?id=19621 --- Comment #1 from Al Maghi alfred.ma...@gmail.com 2009-07-10 11:47:17 UTC --- Add to query (line159) AND page_is_redirect=0 to get rid of statistics on redirects. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l