История изменений
Исправление cashalot, (текущая версия) :
Вот что накопал:
If tainted data is used in the query then it should be quuted by using the ${quote_:} expansion operator appropriate for the lookup.
https://www.exim.org/exim-html-current/doc/html/spec_html/ch-file_and_database_lookups.html
Т.е. строка конфига должна выглядеть так:
domainlist local_domains = ${lookup mysql{SELECT domain FROM domains WHERE domain=‘${quote_mysql:{$domain}}’ AND (type=‘LOCAL’ OR type=‘VIRTUAL’)}}
Исправление cashalot, :
Вот что накопал:
If tainted data is used in the query then it should be quuted by using the ${quote_:} expansion operator appropriate for the lookup.
https://www.exim.org/exim-html-current/doc/html/spec_html/ch-file_and_database_lookups.html
Т.е. строка конфига должна выглядеть так:
domainlist local_domains = ${lookup mysql{SELECT domain FROM domains WHERE domain=‘${quote_mysql:$domain}’ AND (type=‘LOCAL’ OR type=‘VIRTUAL’)}}
или так:
domainlist local_domains = ${lookup mysql{SELECT domain FROM domains WHERE domain=‘${quote_mysql:{$domain}}’ AND (type=‘LOCAL’ OR type=‘VIRTUAL’)}}
Исходная версия cashalot, :
Вот что накопал:
If tainted data is used in the query then it should be quuted by using the ${quote_:} expansion operator appropriate for the lookup.
https://www.exim.org/exim-html-current/doc/html/spec_html/ch-file_and_database_lookups.html
Т.е. строка конфига должна выглядеть так: [code] domainlist local_domains = ${lookup mysql{SELECT domain FROM domains WHERE domain=‘${quote_mysql:$domain}’ AND (type=‘LOCAL’ OR type=‘VIRTUAL’)}} [/code]