lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix: sql injection

Browse Source
This commit is contained in:
Regis Houssin 2012-04-09 22:49:19 +02:00
parent 380a8109e8
commit 8c3158cf28
2 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/admin/tools/export.php
View File

@ -127,7 +127,7 @@ if ($what == 'mysql')
if (! empty($dolibarr_main_db_port)) $param.=" -P ".$dolibarr_main_db_port;
if (! GETPOST("use_transaction")) $param.=" -l --single-transaction";
if (GETPOST("disable_fk")) $param.=" -K";
if (GETPOST("sql_compat") && GETPOST("sql_compat") != 'NONE') $param.=" --compatible=".GETPOST("sql_compat","alpha");
if (GETPOST("sql_compat") && GETPOST("sql_compat") != 'NONE') $param.=" --compatible=".GETPOST("sql_compat","special");
if (GETPOST("drop_database")) $param.=" --add-drop-database";
if (GETPOST("sql_structure"))
{

6
htdocs/core/lib/functions.lib.php
View File

@ -194,6 +194,12 @@ function GETPOST($paramname,$check='',$method=0)
// '../' is dangerous because it allows dir transversals
if (preg_match('/"/',$out)) $out='';
else if (preg_match('/\.\.\//',$out)) $out='';
else if (preg_match('/(\s)*|(%20)*/',$out)) $out='';
}
elseif ($check == 'special')
{
$out=trim($out);
if (preg_match('/(\s)*|(%20)*/',$out)) $out='';
}
elseif ($check == 'array')
{