lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix dangerous sql injection #3327

Browse Source
This commit is contained in:
All-3kcis 2015-09-25 16:31:55 +02:00
parent ea7384cf68
commit 2a84afeee4
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
htdocs/user/card.php
View File

@ -384,12 +384,12 @@ if ($action == 'update' && ! $_POST["cancel"])
} }
else else
{ {
$object->entity = (empty($_POST["entity"]) ? 0 : $_POST["entity"]); $object->entity = (GETPOST('entity', 'int') ? 0 : GETPOST('entity', 'int'));
} }
} }
else else
{ {
$object->entity = (empty($_POST["entity"]) ? 0 : $_POST["entity"]); $object->entity = (GETPOST('entity', 'int') ? 0 : GETPOST('entity', 'int'));
} }
if (GETPOST('deletephoto')) $object->photo=''; if (GETPOST('deletephoto')) $object->photo='';

2
htdocs/user/class/user.class.php
View File

@ -1217,7 +1217,7 @@ class User extends CommonObject
if (isset($this->salary) || $this->salary != '') $sql.= ", salary= ".($this->salary != ''?"'".$this->db->escape($this->salary)."'":"null"); if (isset($this->salary) || $this->salary != '') $sql.= ", salary= ".($this->salary != ''?"'".$this->db->escape($this->salary)."'":"null");
if (isset($this->salaryextra) || $this->salaryextra != '') $sql.= ", salaryextra= ".($this->salaryextra != ''?"'".$this->db->escape($this->salaryextra)."'":"null"); if (isset($this->salaryextra) || $this->salaryextra != '') $sql.= ", salaryextra= ".($this->salaryextra != ''?"'".$this->db->escape($this->salaryextra)."'":"null");
$sql.= ", weeklyhours= ".($this->weeklyhours != ''?"'".$this->db->escape($this->weeklyhours)."'":"null"); $sql.= ", weeklyhours= ".($this->weeklyhours != ''?"'".$this->db->escape($this->weeklyhours)."'":"null");
$sql.= ", entity = '".$this->entity."'"; $sql.= ", entity = '".$this->db->escape($this->entity)."'";
$sql.= " WHERE rowid = ".$this->id; $sql.= " WHERE rowid = ".$this->id;
dol_syslog(get_class($this)."::update", LOG_DEBUG); dol_syslog(get_class($this)."::update", LOG_DEBUG);