subject:"\[Bug 19621\] Add\-on\: statistics per namespace"

[Bug 19621] Add-on: statistics per namespace

2009-07-14 Thread bugzilla-daemon

https://bugzilla.wikimedia.org/show_bug.cgi?id=19621





--- Comment #4 from Al Maghi alfred.ma...@gmail.com  2009-07-14 12:31:53 UTC 
---
(In reply to comment #3)
 That shouldn't work. If it does, that's an SQL injection vulnerability.
 

Is it not rather a selection than an injection; indeed that query does not
change the DB:

'SELECT ... FROM ... WHERE rev_page=page_id AND page_namespace=0 AND
page_is_redirect=0'


-- 
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug.
You are on the CC list for the bug.

___
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l

[Bug 19621] Add-on: statistics per namespace

2009-07-13 Thread bugzilla-daemon

https://bugzilla.wikimedia.org/show_bug.cgi?id=19621





--- Comment #2 from Al Maghi alfred.ma...@gmail.com  2009-07-13 18:04:04 UTC 
---
(In reply to comment #1)
 Add to query (line159)  AND page_is_redirect=0  to get rid of statistics on
 redirects.

Better adding:  AND page_is_redirect=0 in function DisplayForm line 387:

option value='=0 AND page_is_redirect=0' selected.
wfMsg('usagestatisticsnsmain') .


-- 
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug.
You are on the CC list for the bug.

___
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l

[Bug 19621] Add-on: statistics per namespace

2009-07-13 Thread bugzilla-daemon

https://bugzilla.wikimedia.org/show_bug.cgi?id=19621


Roan Kattouw roan.katt...@gmail.com changed:

   What|Removed |Added

 CC||roan.katt...@gmail.com




--- Comment #3 from Roan Kattouw roan.katt...@gmail.com  2009-07-13 18:07:03 
UTC ---
(In reply to comment #2)
 (In reply to comment #1)
  Add to query (line159)  AND page_is_redirect=0  to get rid of statistics 
  on
  redirects.
 
 Better adding:  AND page_is_redirect=0 in function DisplayForm line 387:
 
 option value='=0 AND page_is_redirect=0' selected.
 wfMsg('usagestatisticsnsmain') .
 

That shouldn't work. If it does, that's an SQL injection vulnerability.


-- 
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug.
You are on the CC list for the bug.

___
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l

[Bug 19621] Add-on: statistics per namespace

2009-07-10 Thread bugzilla-daemon

https://bugzilla.wikimedia.org/show_bug.cgi?id=19621





--- Comment #1 from Al Maghi alfred.ma...@gmail.com  2009-07-10 11:47:17 UTC 
---
Add to query (line159)  AND page_is_redirect=0  to get rid of statistics on
redirects.


-- 
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug.
You are on the CC list for the bug.

___
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l

[Bug 19621] Add-on: statistics per namespace

[Bug 19621] Add-on: statistics per namespace

[Bug 19621] Add-on: statistics per namespace

[Bug 19621] Add-on: statistics per namespace

4 matches

Site Navigation

Mail list logo

Footer information