Blame awstats-awredir.pl-sanitize-parameters.patch
|
|
777c719 |
diff -up awstats-7.1/wwwroot/cgi-bin/awredir.pl.sanitize awstats-7.1/wwwroot/cgi-bin/awredir.pl
|
|
|
777c719 |
--- awstats-7.1/wwwroot/cgi-bin/awredir.pl.sanitize 2012-02-15 15:19:22.000000000 +0100
|
|
|
777c719 |
+++ awstats-7.1/wwwroot/cgi-bin/awredir.pl 2013-01-04 10:31:33.303448288 +0100
|
|
|
777c719 |
@@ -21,6 +21,8 @@
|
|
|
48d1dcb |
|
|
|
48d1dcb |
#use DBD::mysql;
|
|
|
48d1dcb |
use Digest::MD5 qw(md5 md5_hex md5_base64);
|
|
|
48d1dcb |
+use HTML::Entities;
|
|
|
48d1dcb |
+use URI::Escape;
|
|
|
48d1dcb |
|
|
|
48d1dcb |
|
|
|
48d1dcb |
#-------------------------------------------------------
|
|
|
777c719 |
@@ -193,14 +195,17 @@ if ($TRACEBASE == 1) {
|
|
|
48d1dcb |
if ($ENV{REMOTE_ADDR} !~ /$EXCLUDEIP/) {
|
|
|
48d1dcb |
if ($DEBUG == 1) { print LOGFILE "Execution requete Update sur BASE=$BASE, USER=$USER, PASS=$PASS\n"; }
|
|
|
48d1dcb |
my $dbh = DBI->connect("DBI:mysql:$BASE", $USER, $PASS) || die "Can't connect to DBI:mysql:$BASE: $dbh->errstr\n";
|
|
|
48d1dcb |
- my $sth = $dbh->prepare("UPDATE T_LINKS set HITS_LINKS = HIT_LINKS+1 where URL_LINKS = '$Url'");
|
|
|
48d1dcb |
- $sth->execute || error("Error: Unable execute query:$dbh->err, $dbh->errstr");
|
|
|
48d1dcb |
+ my $sth = $dbh->prepare("UPDATE T_LINKS set HITS_LINKS = HIT_LINKS+1 where URL_LINKS = ?");
|
|
|
48d1dcb |
+ $sth->execute($Url) || error("Error: Unable execute query:$dbh->err, $dbh->errstr");
|
|
|
48d1dcb |
$sth->finish;
|
|
|
48d1dcb |
$dbh->disconnect;
|
|
|
48d1dcb |
if ($DEBUG == 1) { print LOGFILE "Execution requete Update - OK\n"; }
|
|
|
48d1dcb |
}
|
|
|
48d1dcb |
}
|
|
|
48d1dcb |
|
|
|
c756488 |
+$Url=uri_escape($Url, "^A-Za-z0-9\-\._~/:");
|
|
|
c756488 |
+$Tag=uri_escape($Tag);
|
|
|
c756488 |
+
|
|
|
c756488 |
if ($TRACEFILE == 1) {
|
|
|
c756488 |
if ($ENV{REMOTE_ADDR} !~ /$EXCLUDEIP/) {
|
|
|
c756488 |
open(FICHIER,">>$TXTDIR/$TXTFILE") || error("Error: Enable to open trace file $TXTDIR/$TXTFILE: $!");
|