Fix #hunterf1d1ce3e-ca92-4c7b-b1b8-934e28eaa486
@@ -229,7 +229,7 @@ if (!empty($conf->projet->enabled)) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (!empty($search_users)) {
|
if (!empty($search_users)) {
|
||||||
$sql .= ' AND cs.fk_user IN('.implode(', ', $search_users).')';
|
$sql .= ' AND cs.fk_user IN ('.$db->sanitize(implode(', ', $search_users)).')';
|
||||||
}
|
}
|
||||||
if (!empty($search_type) && $search_type > 0) {
|
if (!empty($search_type) && $search_type > 0) {
|
||||||
$sql .= ' AND cs.fk_mode_reglement='.((int) $search_type);
|
$sql .= ' AND cs.fk_mode_reglement='.((int) $search_type);
|
||||||
|
|||||||
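Review bot: Wrapping the joined `$search_users` in `$db->sanitize()` on the new `IN (...)` line relies on that helper's character whitelist rather than on the values actually being integers, even though `cs.fk_user` is a numeric key; casting each element is the more direct guard: `$sql .= ' AND cs.fk_user IN ('.$db->sanitize(implode(', ', array_map('intval', $search_users))).')';`. If `sanitize()` strips every character of a malformed entry the clause can degrade to `IN ()`, a SQL syntax error rather than an empty result, so the preceding `!empty($search_users)` check only covers an empty array, not an array of unusable values (its exact stripping rules are not visible from here). The surrounding function starts outside the hunk.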
@@ -392,11 +392,12 @@ class CodingPhpTest extends PHPUnit\Framework\TestCase
|
|||||||
|
|
||||||
// Checks with IN
|
// Checks with IN
|
||||||
|
|
||||||
// Check string 'IN (".xxx' or 'IN (\'.xxx' with xxx that is not '$this->db->sanitize' and not '$db->sanitize'. It means we forget a db->sanitize when forging sql request.
|
// Check string ' IN (".xxx' or ' IN (\'.xxx' with xxx that is not '$this->db->sanitize' and not '$db->sanitize'. It means we forget a db->sanitize when forging sql request.
|
||||||
$ok=true;
|
$ok=true;
|
||||||
$matches=array();
|
$matches=array();
|
||||||
preg_match_all('/ IN \([\'"]\s*\.\s*(.........)/i', $filecontent, $matches, PREG_SET_ORDER);
|
preg_match_all('/\s+IN\s*\([\'"]\s*\.\s*(.........)/i', $filecontent, $matches, PREG_SET_ORDER);
|
||||||
foreach ($matches as $key => $val) {
|
foreach ($matches as $key => $val) {
|
||||||
|
//var_dump($val);
|
||||||
if (!in_array($val[1], array('$db->sani', '$this->db', 'getEntity', 'WON\',\'L', 'self::STA', 'Commande:', 'CommandeF', 'Entrepot:', 'Facture::', 'FactureFo', 'ExpenseRe', 'Societe::', 'Ticket::S'))) {
|
if (!in_array($val[1], array('$db->sani', '$this->db', 'getEntity', 'WON\',\'L', 'self::STA', 'Commande:', 'CommandeF', 'Entrepot:', 'Facture::', 'FactureFo', 'ExpenseRe', 'Societe::', 'Ticket::S'))) {
|
||||||
$ok=false;
|
$ok=false;
|
||||||
break;
|
break;
|
||||||
@@ -407,11 +408,12 @@ class CodingPhpTest extends PHPUnit\Framework\TestCase
|
|||||||
$this->assertTrue($ok, 'Found non sanitized string in building of a IN or NOT IN sql request '.$file['relativename'].' - Bad.');
|
$this->assertTrue($ok, 'Found non sanitized string in building of a IN or NOT IN sql request '.$file['relativename'].' - Bad.');
|
||||||
//exit;
|
//exit;
|
||||||
|
|
||||||
// Check string 'IN (\'".xxx' with xxx that is not '$this->db->sanitize' and not '$db->sanitize'. It means we forget a db->sanitize when forging sql request.
|
// Check string ' IN (\'".xxx' with xxx that is not '$this->db->sanitize' and not '$db->sanitize'. It means we forget a db->sanitize when forging sql request.
|
||||||
$ok=true;
|
$ok=true;
|
||||||
$matches=array();
|
$matches=array();
|
||||||
preg_match_all('/ IN \(\'"\s*\.\s*(.........)/i', $filecontent, $matches, PREG_SET_ORDER);
|
preg_match_all('/\s+IN\s*\(\'"\s*\.\s*(.........)/i', $filecontent, $matches, PREG_SET_ORDER);
|
||||||
foreach ($matches as $key => $val) {
|
foreach ($matches as $key => $val) {
|
||||||
|
//var_dump($val);
|
||||||
if (!in_array($val[1], array('$db->sani', '$this->db', 'getEntity', 'WON\',\'L', 'self::STA', 'Commande:', 'CommandeF', 'Entrepot:', 'Facture::', 'FactureFo', 'ExpenseRe', 'Societe::', 'Ticket::S'))) {
|
if (!in_array($val[1], array('$db->sani', '$this->db', 'getEntity', 'WON\',\'L', 'self::STA', 'Commande:', 'CommandeF', 'Entrepot:', 'Facture::', 'FactureFo', 'ExpenseRe', 'Societe::', 'Ticket::S'))) {
|
||||||
$ok=false;
|
$ok=false;
|
||||||
break;
|
break;
|
||||||
|
|||||||
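Review bot: The allowlist in the `in_array` check compares only the nine captured characters, so the `$this->db` entry accepts any `$this->db->...` call (for example `$this->db->escape(`), contrary to the comment's stated intent of accepting only `sanitize`; the same holds for the identical block in the second hunk. Widening the capture, e.g. `(.{1,20})`, and testing each allowed prefix such as `$db->sanitize(` and `$this->db->sanitize(` with `strpos($val[1], $prefix) === 0` would make the check match the comment, and `in_array` should be called with `true` as its third argument either way. The allowlist array is duplicated verbatim between the two hunks and would be easier to maintain as a single class constant. The enclosing test method starts and ends outside the hunks.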