Only use 255/200 characters of HTTP user agent/referer strings, more don't fit into tables

2007-04-25 10:00:36 +00:00 · 2007-04-25 10:00:36 +00:00 · c00ca94fb4
commit c00ca94fb4
parent 8e95e96a85
4 changed files with 6 additions and 6 deletions
--- a/include/functions_comments.inc.php
+++ b/include/functions_comments.inc.php
@ -556,7 +556,7 @@ function serendipity_saveComment($id, $commentInfo, $type = 'NORMAL', $source =
        $parentid      = (isset($commentInfo['parent_id']) && is_numeric($commentInfo['parent_id'])) ? $commentInfo['parent_id'] : 0;
        $status        = serendipity_db_escape_string(isset($commentInfo['status']) ? $commentInfo['status'] : (serendipity_db_bool($ca['moderate_comments']) ? 'pending' : 'approved'));
        $t             = serendipity_db_escape_string(isset($commentInfo['time']) ? $commentInfo['time'] : time());
-        $referer       = (isset($_SESSION['HTTP_REFERER']) ? serendipity_db_escape_string($_SESSION['HTTP_REFERER']) : '');
+        $referer       = substr((isset($_SESSION['HTTP_REFERER']) ? serendipity_db_escape_string($_SESSION['HTTP_REFERER']) : ''), 0, 200);

        $query = "SELECT a.email, e.title, a.mail_comments, a.mail_trackbacks
                 FROM {$serendipity['dbPrefix']}entries e, {$serendipity['dbPrefix']}authors a
--- a/plugins/serendipity_event_karma/serendipity_event_karma.php
+++ b/plugins/serendipity_event_karma/serendipity_event_karma.php
@ -339,7 +339,7 @@ class serendipity_event_karma extends serendipity_event
                          $this->karmaId,
                          $this->karmaVoting,
                          serendipity_db_escape_string($_SERVER['REMOTE_ADDR']),
-                          serendipity_db_escape_string($_SERVER['HTTP_USER_AGENT']),
+                          substr(serendipity_db_escape_string($_SERVER['HTTP_USER_AGENT']), 0, 255),
                          $now
                        );
                        $sql = serendipity_db_query($q);
--- a/plugins/serendipity_event_spamblock/serendipity_event_spamblock.php
+++ b/plugins/serendipity_event_spamblock/serendipity_event_spamblock.php
@ -1356,9 +1356,9 @@ var $filter_defaults;
                           serendipity_db_escape_string($comment['name']),
                           serendipity_db_escape_string($comment['email']),
                           serendipity_db_escape_string($comment['url']),
-                           serendipity_db_escape_string($_SERVER['HTTP_USER_AGENT']),
+                           substr(serendipity_db_escape_string($_SERVER['HTTP_USER_AGENT']), 0, 255),
                           serendipity_db_escape_string($_SERVER['REMOTE_ADDR']),
-                           serendipity_db_escape_string(isset($_SESSION['HTTP_REFERER']) ? $_SESSION['HTTP_REFERER'] : $_SERVER['HTTP_REFERER']),
+                           substr(serendipity_db_escape_string(isset($_SESSION['HTTP_REFERER']) ? $_SESSION['HTTP_REFERER'] : $_SERVER['HTTP_REFERER']), 0, 255),
                           serendipity_db_escape_string($comment['comment'])
                );

--- a/plugins/serendipity_event_statistics/serendipity_event_statistics.php
+++ b/plugins/serendipity_event_statistics/serendipity_event_statistics.php
@ -131,10 +131,10 @@ class serendipity_event_statistics extends serendipity_event
                            $remoteaddr = $_SERVER['REMOTE_ADDR'];
                        }
                        if ($_SERVER['HTTP_USER_AGENT']) {
-                            $useragent = $_SERVER['HTTP_USER_AGENT'];
+                            $useragent = substr($_SERVER['HTTP_USER_AGENT'], 0, 255);
                        }
                        if ($_SERVER['HTTP_REFERER']) {
-                            $referer = $_SERVER['HTTP_REFERER'];
+                            $referer = substr($_SERVER['HTTP_REFERER'], 0, 255);
                        }
                            
                        $found = 0;