So I've been checking everything I can think of to make sure my input fields are all safe from any type of SQL Injection. The good news is they are safe. The bad news is there is one tag that messed up the form submission in a place that it shouldn't even touch and I can't for the life of me figure out why.
This is the exact HTML used (it's in a template file, so forgive the {$variables}):
<div style="width:100%">
{$content}
{if $show_form != false}
<!-- the form wraps the whole table: a <form> placed directly between table rows is invalid HTML -->
<form method="post" action="{$submit_url}">
<table class='Tfs_forum TFS_body ui-corner-all'>
<thead><tr><th class="TFS_header ui-corner-all">{$table_header}</th></tr></thead>
<tbody><tr><td class="TFS_userinfo loginlink ui-state-default ui-corner-all">
BBCode enabled. HTML will be parsed.<br><center>
<button type="button" onclick="addtoreply('[p]','[/p]')">Paragraph</button>
<button type="button" onclick="addtoreply('[b]','[/b]')"><b>Bold</b></button>
<button type="button" onclick="addtoreply('[i]','[/i]')"><i>Italic</i></button>
<button type="button" onclick="addtoreply('[u]','[/u]')"><u>Underline</u></button>
<button type="button" onclick="addtoreply('[s]','[/s]')"><s>Strikethrough</s></button>
<button type="button" onclick="addtoreply('[size=20px]','[/size]')">Font Size</button>
<button type="button" onclick="addtoreply('[color=red]','[/color]')">Font Color</button>
<button type="button" onclick="addtoreply('[center]','[/center]')">Center Text</button>
<button type="button" onclick="addtoreply('[url=]','[/url]')">Link</button>
<button type="button" onclick="addtoreply('[img]','[/img]')">Image</button>
<button type="button" onclick="addtoreply('[list]','[/list]')">List</button>
<button type="button" onclick="addtoreply('[*]','')">List item</button>
</center></td></tr>
<tr><td>
<input type="hidden" name="forum" value="{$forum_id}"><div style="margin-left:10%;"><label>Topic title: <input type="text" name="new_post_title" value="{$title}"></label></div>
</td></tr>
<tr><td>
<!-- <label> and <div> were cross-nested; the label now sits inside the div -->
<div style="margin-left:10%; margin-right:10%;"><label>Content:<textarea id="replybox" style="width: 100%; height: 150px;" name="new_post_content">{$formcontent}</textarea></label></div>
</td></tr>
<tr><td>
<div style="display: inline-block; float: right;"><button type="submit" name="new_post_submit"><span class="save"></span>Submit</button></div>
</td></tr></tbody>
</table></form>
{/if}
</div>
Okay, this is the entire PHP script that gets executed until it sees that there is no data posted (none of the forum fields are being posted):
<?php
class TForumSystem_NewPost extends PHPDS_controller
{
    public function execute()
    {
        include("BBCode.class.php");
        include("includes.class.php");
        $this->template->addCSSToHead( Allincludes::css() );
        $this->template->addJsToHead( Allincludes::js() );
        // Main variables here (table names redacted in the post)
        $db_category = "***";
        $db_forums = "****";
        $db_posts = "****";
        $db_replies = "****";
        // $db_posts, $db_category, $db_forums, $db_replies;
        //$forum_view_url = $this->navigation->buildURL('forum-view');
        $view = $this->factory('views');
        $maincontent = "";
        $forum_link = ($this->navigation->buildURL('main-forum'));
        // No 'forum' field in $_POST means the form data never arrived: show the error page
        if(!isset($_POST['forum'])) {
            $this->template->info("Invalid forum, please navigate to the main <a href=\"$forum_link\">forum</a>");
            $view->set('content', "Invalid forum, please navigate to the main <a href=\"$forum_link\">forum</a>");
            $view->show();
        }
        // ... remainder of execute() not included in the post
    }
}
The problem is when I use something such as ' or 1='1
or ' or 1=1--
in the title field, none of the data gets posted. I am currently using print_r($_POST) to see what is being submitted, and nothing is.
It works flawlessly for any other statements though, and I should also mention that this script works flawlessly on my local machine, but when using my host I come across the problem stated above.
This is a list of all the inputs I tested that mess it up:
' or 1='1
' or 1=1--
'" or 1=1--
' or 0=0 --
' or 'a'='a
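Two things are worth separating when a submission like the ones listed above arrives with an empty $_POST: whether the request body reached PHP at all, and whether the application would handle such strings safely once it does. The script below is an added example written for this page; it is not part of the original post, of the PHPDS framework, or of the BBCode class. It assumes plain PHP 7 or later with the PDO SQLite driver, uses an in-memory database so it runs offline, and the table name forum_posts and its columns are placeholders chosen for the example. describeRequestBody() compares the declared Content-Length and the raw body from php://input against what PHP parsed into $_POST, which tells you whether the data was absent before PHP saw the request or was received but not parsed. storePost() shows the title and content bound as prepared-statement parameters, so every string in the list above is stored and read back literally.

```php
<?php
// Added diagnostic and hardening example (not code from the original post or from PHPDS).
// Assumptions: PHP 7+, PDO with the sqlite driver; "forum_posts" and its columns are
// placeholder names for this example only.

declare(strict_types=1);

/**
 * Report what the request actually carried so an empty $_POST can be traced:
 *  - CONTENT_LENGTH absent / raw body empty  -> the body never reached PHP
 *  - raw body present but $_POST empty       -> PHP received it but did not parse it
 *    (unexpected Content-Type, post_max_size exceeded, ...)
 */
function describeRequestBody(array $server, array $post, string $rawBody): array
{
    $declared = isset($server['CONTENT_LENGTH']) ? (int) $server['CONTENT_LENGTH'] : null;
    return [
        'method'           => $server['REQUEST_METHOD'] ?? null,
        'content_type'     => $server['CONTENT_TYPE'] ?? null,
        'declared_length'  => $declared,
        'raw_body_length'  => strlen($rawBody),
        'post_fields'      => array_keys($post),
        'body_reached_php' => strlen($rawBody) > 0,
        'php_parsed_body'  => count($post) > 0,
    ];
}

/**
 * Store a post with a prepared statement. Title and content are bound as
 * parameters, so a value such as "' or 1=1--" is stored literally and never
 * becomes part of the SQL text.
 */
function storePost(PDO $db, int $forumId, string $title, string $content): int
{
    $stmt = $db->prepare(
        'INSERT INTO forum_posts (forum_id, title, content) VALUES (:forum, :title, :content)'
    );
    $stmt->bindValue(':forum', $forumId, PDO::PARAM_INT);
    $stmt->bindValue(':title', $title, PDO::PARAM_STR);
    $stmt->bindValue(':content', $content, PDO::PARAM_STR);
    $stmt->execute();
    return (int) $db->lastInsertId();
}

/** Read a stored title back by id, again through a bound parameter. */
function fetchTitle(PDO $db, int $id): ?string
{
    $stmt = $db->prepare('SELECT title FROM forum_posts WHERE id = :id');
    $stmt->execute([':id' => $id]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row ? (string) $row['title'] : null;
}

// --- Self-contained demonstration against an in-memory SQLite database ---
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE forum_posts (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    forum_id INTEGER NOT NULL,
    title TEXT NOT NULL,
    content TEXT NOT NULL
)');

// The strings from the question, used here purely as input data.
$testTitles = ["' or 1='1", "' or 1=1--", "'\" or 1=1--", "' or 0=0 --", "' or 'a'='a"];
foreach ($testTitles as $title) {
    $id = storePost($db, 1, $title, 'body text');
    if (fetchTitle($db, $id) !== $title) {
        throw new RuntimeException("title did not round-trip intact: {$title}");
    }
}
$count = (int) $db->query('SELECT COUNT(*) FROM forum_posts')->fetchColumn();
echo "stored {$count} rows; every title was written and read back unchanged\n";

// Request diagnostics. Under a web server php://input holds the raw POST body;
// on the CLI there is no request body, so the report simply shows nothing received.
$report = describeRequestBody($_SERVER, $_POST, (string) file_get_contents('php://input'));
print_r($report);
```

Run it once from the command line (php example.php) to see the prepared-statement part succeed, then place it behind the same host and POST the form at it: if raw_body_length is 0 for the listed titles but non-zero for ordinary titles, the body is missing before PHP runs and the comparison with the local machine should start there; if the raw body is present but post_fields is empty, the problem is in how PHP parses the request.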