Fix SQLi reported by op7ica
This commit is contained in:
Laurent Destailleur
parent
c62d68f4be
commit
c3b9c91200
@ -320,16 +320,16 @@ if (empty($reshook))
|
||||
$object->skype = trim($_POST["skype"]);
|
||||
$object->birth = $birthdate;
|
||||
|
||||
$object->typeid = $_POST["typeid"];
|
||||
$object->typeid = GETPOST("typeid",'int');
|
||||
//$object->note = trim($_POST["comment"]);
|
||||
$object->morphy = $_POST["morphy"];
|
||||
$object->morphy = GETPOST("morphy",'alpha');
|
||||
|
||||
if (GETPOST('deletephoto')) $object->photo='';
|
||||
elseif (! empty($_FILES['photo']['name'])) $object->photo = dol_sanitizeFileName($_FILES['photo']['name']);
|
||||
|
||||
// Get status and public property
|
||||
$object->statut = $_POST["statut"];
|
||||
$object->public = $_POST["public"];
|
||||
$object->statut = GETPOST("statut",'alpha');
|
||||
$object->public = GETPOST("public",'alpha');
|
||||
|
||||
// Fill array 'array_options' with data from add form
|
||||
$ret = $extrafields->setOptionalsFromPost($extralabels,$object);
|
||||
@ -445,29 +445,29 @@ if (empty($reshook))
|
||||
$datesubscription=dol_mktime(12, 0, 0, $_POST["remonth"], $_POST["reday"], $_POST["reyear"]);
|
||||
}
|
||||
|
||||
$typeid=$_POST["typeid"];
|
||||
$civility_id=$_POST["civility_id"];
|
||||
$lastname=$_POST["lastname"];
|
||||
$firstname=$_POST["firstname"];
|
||||
$societe=$_POST["societe"];
|
||||
$address=$_POST["address"];
|
||||
$zip=$_POST["zipcode"];
|
||||
$town=$_POST["town"];
|
||||
$state_id=$_POST["state_id"];
|
||||
$country_id=$_POST["country_id"];
|
||||
$typeid=GETPOST("typeid",'int');
|
||||
$civility_id=GETPOST("civility_id",'int');
|
||||
$lastname=GETPOST("lastname",'alpha');
|
||||
$firstname=GETPOST("firstname",'alpha');
|
||||
$societe=GETPOST("societe",'alpha');
|
||||
$address=GETPOST("address",'alpha');
|
||||
$zip=GETPOST("zipcode",'alpha');
|
||||
$town=GETPOST("town",'alpha');
|
||||
$state_id=GETPOST("state_id",'int');
|
||||
$country_id=GETPOST("country_id",'int');
|
||||
|
||||
$phone=$_POST["phone"];
|
||||
$phone_perso=$_POST["phone_perso"];
|
||||
$phone_mobile=$_POST["phone_mobile"];
|
||||
$skype=$_POST["member_skype"];
|
||||
$email=$_POST["member_email"];
|
||||
$login=$_POST["member_login"];
|
||||
$pass=$_POST["password"];
|
||||
$photo=$_POST["photo"];
|
||||
//$comment=$_POST["comment"];
|
||||
$morphy=$_POST["morphy"];
|
||||
$subscription=$_POST["subscription"];
|
||||
$public=$_POST["public"];
|
||||
$phone=GETPOST("phone",'alpha');
|
||||
$phone_perso=GETPOST("phone_perso",'alpha');
|
||||
$phone_mobile=GETPOST("phone_mobile",'alpha');
|
||||
$skype=GETPOST("member_skype",'alpha');
|
||||
$email=GETPOST("member_email",'alpha');
|
||||
$login=GETPOST("member_login",'alpha');
|
||||
$pass=GETPOST("password",'alpha');
|
||||
$photo=GETPOST("photo",'alpha');
|
||||
//$comment=GETPOST("comment",'none');
|
||||
$morphy=GETPOST("morphy",'alpha');
|
||||
$subscription=GETPOST("subscription",'alpha');
|
||||
$public=GETPOST("public",'alpha');
|
||||
|
||||
$userid=$_POST["userid"];
|
||||
$socid=$_POST["socid"];
|
||||
@ -1093,14 +1093,14 @@ else
|
||||
$morphys["phy"] = $langs->trans("Physical");
|
||||
$morphys["mor"] = $langs->trans("Morale");
|
||||
print '<tr><td><span class="fieldrequired">'.$langs->trans("Nature").'</span></td><td>';
|
||||
print $form->selectarray("morphy", $morphys, isset($_POST["morphy"])?$_POST["morphy"]:$object->morphy);
|
||||
print $form->selectarray("morphy", $morphys, (GETPOSTISSET("morphy")?GETPOST("morphy",'alpha'):$object->morphy));
|
||||
print "</td></tr>";
|
||||
|
||||
// Type
|
||||
print '<tr><td class="fieldrequired">'.$langs->trans("Type").'</td><td>';
|
||||
if ($user->rights->adherent->creer)
|
||||
{
|
||||
print $form->selectarray("typeid", $adht->liste_array(), (isset($_POST["typeid"])?$_POST["typeid"]:$object->typeid));
|
||||
print $form->selectarray("typeid", $adht->liste_array(), (GETPOSTISSET("typeid")?GETPOST("typeid",'int'):$object->typeid));
|
||||
}
|
||||
else
|
||||
{
|
||||
|
||||
@ -265,7 +265,7 @@ class AdherentType extends CommonObject
|
||||
{
|
||||
$sql = "SELECT d.rowid, d.libelle as label, d.statut, d.subscription, d.mail_valid, d.note, d.vote";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."adherent_type as d";
|
||||
$sql .= " WHERE d.rowid = ".$rowid;
|
||||
$sql .= " WHERE d.rowid = ".(int) $rowid;
|
||||
|
||||
dol_syslog("Adherent_type::fetch", LOG_DEBUG);
|
||||
|
||||
|
||||
@ -42,23 +42,23 @@ $toselect = GETPOST('toselect', 'array');
|
||||
// Security check
|
||||
$result=restrictedArea($user,'adherent');
|
||||
|
||||
$filter=GETPOST("filter");
|
||||
$statut=GETPOST("statut");
|
||||
$search=GETPOST("search");
|
||||
$search_ref=GETPOST("search_ref");
|
||||
$search_lastname=GETPOST("search_lastname");
|
||||
$search_firstname=GETPOST("search_firstname");
|
||||
$search_login=GETPOST("search_login");
|
||||
$search_address=GETPOST("search_address");
|
||||
$search_zip=GETPOST("search_zip");
|
||||
$search_town=GETPOST("search_town");
|
||||
$search_state=GETPOST("search_state");
|
||||
$search_country=GETPOST("search_country");
|
||||
$search_phone=GETPOST("search_phone");
|
||||
$search_phone_perso=GETPOST("search_phone_perso");
|
||||
$search_phone_mobile=GETPOST("search_phone_mobile");
|
||||
$search_type=GETPOST("search_type");
|
||||
$search_email=GETPOST("search_email");
|
||||
$filter=GETPOST("filter",'alpha');
|
||||
$statut=GETPOST("statut",'alpha');
|
||||
$search=GETPOST("search",'alpha');
|
||||
$search_ref=GETPOST("search_ref",'alpha');
|
||||
$search_lastname=GETPOST("search_lastname",'alpha');
|
||||
$search_firstname=GETPOST("search_firstname",'alpha');
|
||||
$search_login=GETPOST("search_login",'alpha');
|
||||
$search_address=GETPOST("search_address",'alpha');
|
||||
$search_zip=GETPOST("search_zip",'alpha');
|
||||
$search_town=GETPOST("search_town",'alpha');
|
||||
$search_state=GETPOST("search_state",'alpha');
|
||||
$search_country=GETPOST("search_country",'alpha');
|
||||
$search_phone=GETPOST("search_phone",'alpha');
|
||||
$search_phone_perso=GETPOST("search_phone_perso",'alpha');
|
||||
$search_phone_mobile=GETPOST("search_phone_mobile",'alpha');
|
||||
$search_type=GETPOST("search_type",'alpha');
|
||||
$search_email=GETPOST("search_email",'alpha');
|
||||
$search_categ = GETPOST("search_categ",'int');
|
||||
$catid = GETPOST("catid",'int');
|
||||
$optioncss = GETPOST('optioncss','alpha');
|
||||
@ -288,7 +288,7 @@ if ($num == 1 && ! empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) &&
|
||||
llxHeader('',$langs->trans("Member"),'EN:Module_Foundations|FR:Module_Adhérents|ES:Módulo_Miembros');
|
||||
|
||||
$titre=$langs->trans("MembersList");
|
||||
if (isset($_GET["statut"]))
|
||||
if (GETPOSTISSET("statut"))
|
||||
{
|
||||
if ($statut == '-1,1') { $titre=$langs->trans("MembersListQualified"); }
|
||||
if ($statut == '-1') { $titre=$langs->trans("MembersListToValid"); }
|
||||
|
||||
@ -999,9 +999,9 @@ class Societe extends CommonObject
|
||||
$sql .= ", code_fournisseur = ".(! empty($this->code_fournisseur)?"'".$this->db->escape($this->code_fournisseur)."'":"null");
|
||||
$sql .= ", code_compta_fournisseur = ".(! empty($this->code_compta_fournisseur)?"'".$this->db->escape($this->code_compta_fournisseur)."'":"null");
|
||||
}
|
||||
$sql .= ", fk_user_modif = ".(! empty($user->id)?"'".$user->id."'":"null");
|
||||
$sql .= ", fk_user_modif = ".($user->id > 0 ? $user->id:"null");
|
||||
$sql .= ", fk_multicurrency = ".(int) $this->fk_multicurrency;
|
||||
$sql .= ', multicurrency_code = \''.$this->db->escape($this->multicurrency_code)."'";
|
||||
$sql .= ", multicurrency_code = '".$this->db->escape($this->multicurrency_code)."'";
|
||||
$sql .= " WHERE rowid = '" . $id ."'";
|
||||
|
||||
$resql=$this->db->query($sql);
|
||||
|
||||
Loading…
Reference in New Issue
Block a user