Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

Fix #hunterf1d1ce3e-ca92-4c7b-b1b8-934e28eaa486

Browse Source 
Conflicts:
	test/phpunit/CodingPhpTest.php
This commit is contained in:
Laurent Destailleur
2022-01-13 18:34:15 +01:00
parent 620a88b8d6
commit b9b45fb506
2 changed files with 13 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/compta/sociales/list.php
View File

@@ -206,7 +206,7 @@ if (!empty($conf->projet->enabled)) {
}
}
if (!empty($search_users)) {
$sql .= ' AND cs.fk_user IN('.implode(', ', $search_users).')';
$sql .= ' AND cs.fk_user IN ('.$db->sanitize(implode(', ', $search_users)).')';
}
if (!empty($search_type) && $search_type > 0) {
$sql .= ' AND cs.fk_mode_reglement='.$search_type;

12
test/phpunit/CodingPhpTest.php
View File

@@ -328,9 +328,14 @@ class CodingPhpTest extends PHPUnit\Framework\TestCase
$this->assertTrue($ok, 'Found non escaped string in building of a sql request '.$file['relativename'].': '.$val[0].' - Bad.');
//exit;
// Checks with IN
// Check string ' IN (".xxx' or ' IN (\'.xxx' with xxx that is not '$this->db->sanitize' and not '$db->sanitize'. It means we forget a db->sanitize when forging sql request.
preg_match_all('/ IN \([\'"]\s*\.\s*(.........)/i', $filecontent, $matches, PREG_SET_ORDER);
$ok=true;
$matches=array();
preg_match_all('/\s+IN\s*\([\'"]\s*\.\s*(.........)/i', $filecontent, $matches, PREG_SET_ORDER);
foreach ($matches as $key => $val) {
//var_dump($val);
if (!in_array($val[1], array('$db->sani', '$this->db', 'getEntity', 'WON\',\'L', 'self::STA', 'Commande:', 'CommandeF', 'Entrepot:', 'Facture::', 'FactureFo', 'ExpenseRe', 'Societe::', 'Ticket::S'))) {
$ok=false;
break;
@@ -342,8 +347,11 @@ class CodingPhpTest extends PHPUnit\Framework\TestCase
//exit;
// Check string ' IN (\'".xxx' with xxx that is not '$this->db->sanitize' and not '$db->sanitize'. It means we forget a db->sanitize when forging sql request.
preg_match_all('/ IN \(\'"\s*\.\s*(.........)/i', $filecontent, $matches, PREG_SET_ORDER);
$ok=true;
$matches=array();
preg_match_all('/\s+IN\s*\(\'"\s*\.\s*(.........)/i', $filecontent, $matches, PREG_SET_ORDER);
foreach ($matches as $key => $val) {
//var_dump($val);
if (!in_array($val[1], array('$db->sani', '$this->db', 'getEntity', 'WON\',\'L', 'self::STA', 'Commande:', 'CommandeF', 'Entrepot:', 'Facture::', 'FactureFo', 'ExpenseRe', 'Societe::', 'Ticket::S'))) {
$ok=false;
break;