author | Dries Buytaert <dries@buytaert.net> | 2003-06-27 17:48:20 +0000 |
---|---|---|
committer | Dries Buytaert <dries@buytaert.net> | 2003-06-27 17:48:20 +0000 |
commit | f4df719502527597f6340be8016fd4b649cc1967 (patch) | |
tree | ce9ece43874885689942c5288fb7e1927c02e620 /modules/taxonomy/taxonomy.module | |
parent | 2323e5723395dd9c793b301650b69bdd0a37e273 (diff) | |
- Reworked the CXX checking; now, _any_ user input will be checked
and the request will be terminated when something suspicious is
detected. This will be logged in the watchdog. With help from Marco.
- Fixed translation issue in the archive module. Patch by Gerhard.
- Removed dead parameter from variable_get(). Patch by Chris Johnson.
Fixes bug #2111.
- Improved input checking of taxonomy module. Patch by Gerhard.
Fixes bug #2112.
Diffstat (limited to 'modules/taxonomy/taxonomy.module')
-rw-r--r-- | modules/taxonomy/taxonomy.module | 32 |
1 files changed, 17 insertions, 15 deletions
diff --git a/modules/taxonomy/taxonomy.module b/modules/taxonomy/taxonomy.module
index 89427d139..567a8e5e3 100644
--- a/modules/taxonomy/taxonomy.module
+++ b/modules/taxonomy/taxonomy.module
@@ -657,23 +657,25 @@ function _prepare_insert($data, $stage) {
 function taxonomy_select_nodes($taxonomy, $pager = 1) {
 global $user;
- if ($taxonomy->operator == "or") {
- $sql = "SELECT DISTINCT(n.nid), n.title, n.type, n.created, n.changed, n.uid, n.static, n.created, u.name FROM node n LEFT JOIN term_node r ON n.nid = r.nid LEFT JOIN users u ON n.uid = u.uid WHERE r.tid IN ($taxonomy->str_tids) AND n.status = '1' ORDER BY static DESC, created DESC";
- $sql_count = "SELECT COUNT(DISTINCT(n.nid)) FROM node n LEFT JOIN term_node r ON n.nid = r.nid LEFT JOIN users u ON n.uid = u.uid WHERE r.tid IN ($taxonomy->str_tids) AND n.status = '1'";
- }
- else {
- $sql = "SELECT n.nid, n.title, n.type, n.created, n.changed, n.uid, u.name FROM node n LEFT JOIN term_node r ON n.nid = r.nid LEFT JOIN users u ON n.uid = u.uid WHERE r.tid IN ($taxonomy->str_tids) AND n.status = '1' GROUP BY n.nid, n.title, n.type, n.created, n.changed, n.uid, u.name HAVING COUNT(n.nid) = ".count($taxonomy->tids)." ORDER BY static DESC, created DESC";
+ if ($taxonomy->str_tids) {
+ if ($taxonomy->operator == "or") {
+ $sql = "SELECT DISTINCT(n.nid), n.title, n.type, n.created, n.changed, n.uid, n.static, n.created, u.name FROM node n LEFT JOIN term_node r ON n.nid = r.nid LEFT JOIN users u ON n.uid = u.uid WHERE r.tid IN ($taxonomy->str_tids) AND n.status = '1' ORDER BY static DESC, created DESC";
+ $sql_count = "SELECT COUNT(DISTINCT(n.nid)) FROM node n LEFT JOIN term_node r ON n.nid = r.nid LEFT JOIN users u ON n.uid = u.uid WHERE r.tid IN ($taxonomy->str_tids) AND n.status = '1'";
+ }
+ else {
+ $sql = "SELECT n.nid, n.title, n.type, n.created, n.changed, n.uid, u.name FROM node n LEFT JOIN term_node r ON n.nid = r.nid LEFT JOIN users u ON n.uid = u.uid WHERE r.tid IN ($taxonomy->str_tids) AND n.status = '1' GROUP BY n.nid, n.title, n.type, n.created, n.changed, n.uid, u.name HAVING COUNT(n.nid) = ".count($taxonomy->tids)." ORDER BY static DESC, created DESC";
- // Special trick as we could not find anything better:
- $count = db_num_rows(db_query("SELECT n.nid FROM node n LEFT JOIN term_node r ON n.nid = r.nid WHERE r.tid IN ($taxonomy->str_tids) AND n.status = '1' GROUP BY n.nid HAVING COUNT(n.nid) = ". count($taxonomy->tids)));
- $sql_count = "SELECT $count";
- }
+ // Special trick as we could not find anything better:
+ $count = db_num_rows(db_query("SELECT n.nid FROM node n LEFT JOIN term_node r ON n.nid = r.nid WHERE r.tid IN ($taxonomy->str_tids) AND n.status = '1' GROUP BY n.nid HAVING COUNT(n.nid) = ". count($taxonomy->tids)));
+ $sql_count = "SELECT $count";
+ }
- if ($pager) {
- $result = pager_query($sql, variable_get("default_nodes_main", 10) , 0, $sql_count);
- }
- else {
- $result = db_query_range($sql, 0, 15);
+ if ($pager) {
+ $result = pager_query($sql, variable_get("default_nodes_main", 10) , 0, $sql_count);
+ }
+ else {
+ $result = db_query_range($sql, 0, 15);
+ }
 }
 return $result; |
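Review bot: The new `if ($taxonomy->str_tids)` guard only tests that the string is non-empty, so its contents are still interpolated unquoted into `r.tid IN ($taxonomy->str_tids)` in every query this hunk builds. Where str_tids is assembled is outside the hunk; if it can carry request data, reduce it to integers first, e.g. `$tids = implode(',', array_map('intval', explode(',', $taxonomy->str_tids)));`, and build the `IN (...)` lists from `$tids`. Separately, when the guard is false `$result` is never assigned, so `return $result;` hands callers an undefined value. Set `$result = NULL;` before the `if` and have callers check for it before fetching rows.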