From: garvinhicking Date: Wed, 25 Apr 2007 10:00:36 +0000 (+0000) Subject: Only use 255/200 characters of HTTP user agent/referer strings, more don't fit into... X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=1342ec896772b4505dde937a2a21c93635d878c7;p=s9y.git Only use 255/200 characters of HTTP user agent/referer strings, more don't fit into tables --- diff --git a/include/functions_comments.inc.php b/include/functions_comments.inc.php index 0d0a982..e220566 100644 --- a/include/functions_comments.inc.php +++ b/include/functions_comments.inc.php @@ -556,7 +556,7 @@ function serendipity_saveComment($id, $commentInfo, $type = 'NORMAL', $source = $parentid = (isset($commentInfo['parent_id']) && is_numeric($commentInfo['parent_id'])) ? $commentInfo['parent_id'] : 0; $status = serendipity_db_escape_string(isset($commentInfo['status']) ? $commentInfo['status'] : (serendipity_db_bool($ca['moderate_comments']) ? 'pending' : 'approved')); $t = serendipity_db_escape_string(isset($commentInfo['time']) ? $commentInfo['time'] : time()); - $referer = (isset($_SESSION['HTTP_REFERER']) ? serendipity_db_escape_string($_SESSION['HTTP_REFERER']) : ''); + $referer = substr((isset($_SESSION['HTTP_REFERER']) ? serendipity_db_escape_string($_SESSION['HTTP_REFERER']) : ''), 0, 200); $query = "SELECT a.email, e.title, a.mail_comments, a.mail_trackbacks FROM {$serendipity['dbPrefix']}entries e, {$serendipity['dbPrefix']}authors a diff --git a/plugins/serendipity_event_karma/serendipity_event_karma.php b/plugins/serendipity_event_karma/serendipity_event_karma.php index 75071ab..9685f51 100644 --- a/plugins/serendipity_event_karma/serendipity_event_karma.php +++ b/plugins/serendipity_event_karma/serendipity_event_karma.php @@ -339,7 +339,7 @@ class serendipity_event_karma extends serendipity_event $this->karmaId, $this->karmaVoting, serendipity_db_escape_string($_SERVER['REMOTE_ADDR']), - serendipity_db_escape_string($_SERVER['HTTP_USER_AGENT']), + substr(serendipity_db_escape_string($_SERVER['HTTP_USER_AGENT']), 0, 255), $now ); $sql = serendipity_db_query($q); diff --git a/plugins/serendipity_event_spamblock/serendipity_event_spamblock.php b/plugins/serendipity_event_spamblock/serendipity_event_spamblock.php index 48068fa..7be21e6 100644 --- a/plugins/serendipity_event_spamblock/serendipity_event_spamblock.php +++ b/plugins/serendipity_event_spamblock/serendipity_event_spamblock.php @@ -1356,9 +1356,9 @@ var $filter_defaults; serendipity_db_escape_string($comment['name']), serendipity_db_escape_string($comment['email']), serendipity_db_escape_string($comment['url']), - serendipity_db_escape_string($_SERVER['HTTP_USER_AGENT']), + substr(serendipity_db_escape_string($_SERVER['HTTP_USER_AGENT']), 0, 255), serendipity_db_escape_string($_SERVER['REMOTE_ADDR']), - serendipity_db_escape_string(isset($_SESSION['HTTP_REFERER']) ? $_SESSION['HTTP_REFERER'] : $_SERVER['HTTP_REFERER']), + substr(serendipity_db_escape_string(isset($_SESSION['HTTP_REFERER']) ? $_SESSION['HTTP_REFERER'] : $_SERVER['HTTP_REFERER']), 0, 255), serendipity_db_escape_string($comment['comment']) ); diff --git a/plugins/serendipity_event_statistics/serendipity_event_statistics.php b/plugins/serendipity_event_statistics/serendipity_event_statistics.php index bcebeac..d5969e5 100644 --- a/plugins/serendipity_event_statistics/serendipity_event_statistics.php +++ b/plugins/serendipity_event_statistics/serendipity_event_statistics.php @@ -131,10 +131,10 @@ class serendipity_event_statistics extends serendipity_event $remoteaddr = $_SERVER['REMOTE_ADDR']; } if ($_SERVER['HTTP_USER_AGENT']) { - $useragent = $_SERVER['HTTP_USER_AGENT']; + $useragent = substr($_SERVER['HTTP_USER_AGENT'], 0, 255); } if ($_SERVER['HTTP_REFERER']) { - $referer = $_SERVER['HTTP_REFERER']; + $referer = substr($_SERVER['HTTP_REFERER'], 0, 255); } $found = 0;