lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix escape

Browse Source
This commit is contained in:
Laurent Destailleur 2020-09-19 22:59:04 +02:00
parent b5703350da
commit d38168f49e
6 changed files with 36 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/install/lib/repair.lib.php
View File

@ -130,7 +130,7 @@ function clean_data_ecm_directories()
$newlabel = dol_sanitizeFileName($label);
if ($label != $newlabel)
{
$sqlupdate = "UPDATE ".MAIN_DB_PREFIX."ecm_directories set label='".$newlabel."' WHERE rowid=".$id;
$sqlupdate = "UPDATE ".MAIN_DB_PREFIX."ecm_directories set label='".$db->escape($newlabel)."' WHERE rowid=".$id;
print '<tr><td>'.$sqlupdate."</td></tr>\n";
$resqlupdate = $db->query($sqlupdate);
if (!$resqlupdate) dol_print_error($db, 'Failed to update');

7
htdocs/install/repair.php
View File

@ -30,7 +30,6 @@ include_once $dolibarr_main_document_root.'/core/lib/images.lib.php';
require_once $dolibarr_main_document_root.'/core/class/extrafields.class.php';
require_once 'lib/repair.lib.php';
$grant_query = '';
$step = 2;
$ok = 0;
@ -445,8 +444,8 @@ if ($ok && GETPOST('standard', 'alpha'))
if ($obj2 && $obj2->nb == 0)
{
// Module not found, so we canremove entry
$sqldeletea = "DELETE FROM ".MAIN_DB_PREFIX."boxes WHERE entity = ".$obj->entity." AND box_id IN (SELECT rowid FROM ".MAIN_DB_PREFIX."boxes_def WHERE file = '".$obj->file."' AND entity = ".$obj->entity.")";
$sqldeleteb = "DELETE FROM ".MAIN_DB_PREFIX."boxes_def WHERE file = '".$obj->file."' AND entity = ".$obj->entity;
$sqldeletea = "DELETE FROM ".MAIN_DB_PREFIX."boxes WHERE entity = ".$obj->entity." AND box_id IN (SELECT rowid FROM ".MAIN_DB_PREFIX."boxes_def WHERE file = '".$db->escape($obj->file)."' AND entity = ".$obj->entity.")";
$sqldeleteb = "DELETE FROM ".MAIN_DB_PREFIX."boxes_def WHERE file = '".$db->escape($obj->file)."' AND entity = ".$obj->entity;
if (GETPOST('standard', 'alpha') == 'confirmed')
{
@ -782,7 +781,7 @@ if ($ok && GETPOST('clean_menus', 'alpha'))
print ' - Module condition '.$modulecond.' seems ko, we delete menu entry.';
if (GETPOST('clean_menus') == 'confirmed')
{
$sql2 = "DELETE FROM ".MAIN_DB_PREFIX."menu WHERE module = '".$modulecond."'";
$sql2 = "DELETE FROM ".MAIN_DB_PREFIX."menu WHERE module = '".$db->escape($modulecond)."'";
$resql2 = $db->query($sql2);
if (!$resql2)
{

52
htdocs/install/upgrade2.php
View File

@ -978,11 +978,11 @@ function migrate_contracts_det($db, $langs, $conf)
$sql .= $obj->cref.", ".($obj->fk_product ? $obj->fk_product : 0).", ";
$sql .= "0, ";
$sql .= "'".$db->escape($obj->label)."', null, ";
$sql .= ($obj->date_contrat ? "'".$obj->date_contrat."'" : "null").", ";
$sql .= ($obj->date_contrat ? "'".$db->escape($obj->date_contrat)."'" : "null").", ";
$sql .= "null, ";
$sql .= "null, ";
$sql .= "'".$obj->tva_tx."' , 1, ";
$sql .= "'".$obj->price."', '".$obj->price."', ".$obj->fk_user_author.",";
$sql .= "'".$db->escape($obj->tva_tx)."' , 1, ";
$sql .= "'".$db->escape($obj->price)."', '".$db->escape($obj->price)."', ".$obj->fk_user_author.",";
$sql .= "null";
$sql .= ")";
@ -1171,9 +1171,11 @@ function migrate_contracts_date2($db, $langs, $conf)
$obj = $db->fetch_object($resql);
if ($obj->date_contrat > $obj->datemin)
{
$datemin = $db->jdate($obj->datemin);
print $langs->trans('MigrationContractsInvalidDateFix', $obj->cref, $obj->date_contrat, $obj->datemin)."<br>\n";
$sql = "UPDATE ".MAIN_DB_PREFIX."contrat";
$sql .= " SET date_contrat='".$obj->datemin."'";
$sql .= " SET date_contrat='".$db->idate($datemin)."'";
$sql .= " WHERE rowid=".$obj->cref;
$resql2 = $db->query($sql);
if (!$resql2) dol_print_error($db);
@ -2088,9 +2090,11 @@ function migrate_commande_livraison($db, $langs, $conf)
if ($resql2)
{
$date_livraison = $db->jdate($obj->date_livraison);
$sqlu = "UPDATE ".MAIN_DB_PREFIX."livraison SET";
$sqlu .= " ref_client='".$obj->ref_client."'";
$sqlu .= ", date_livraison='".$obj->date_livraison."'";
$sqlu .= " ref_client='".$db->escape($obj->ref_client)."'";
$sqlu .= ", date_livraison='".$db->idate($date_livraison)."'";
$sqlu .= " WHERE rowid = ".$obj->rowid;
$resql3 = $db->query($sqlu);
if (!$resql3)
@ -2172,8 +2176,8 @@ function migrate_detail_livraison($db, $langs, $conf)
$sql = "UPDATE ".MAIN_DB_PREFIX."livraisondet SET";
$sql .= " fk_product=".$obj->fk_product;
$sql .= ",description='".$db->escape($obj->description)."'";
$sql .= ",subprice='".$obj->subprice."'";
$sql .= ",total_ht='".$obj->total_ht."'";
$sql .= ",subprice='".$db->escape($obj->subprice)."'";
$sql .= ",total_ht='".$db->escape($obj->total_ht)."'";
$sql .= " WHERE fk_commande_ligne = ".$obj->rowid;
$resql2 = $db->query($sql);
@ -2190,7 +2194,7 @@ function migrate_detail_livraison($db, $langs, $conf)
$total_ht = $obju->total_ht + $obj->total_ht;
$sqlu = "UPDATE ".MAIN_DB_PREFIX."livraison SET";
$sqlu .= " total_ht='".$total_ht."'";
$sqlu .= " total_ht='".$db->escape($total_ht)."'";
$sqlu .= " WHERE rowid=".$obj->fk_livraison;
$resql4 = $db->query($sqlu);
if (!$resql4)
@ -2274,7 +2278,7 @@ function migrate_stocks($db, $langs, $conf)
$obj = $db->fetch_object($resql);
$sql = "UPDATE ".MAIN_DB_PREFIX."product SET";
$sql .= " stock = '".$obj->total."'";
$sql .= " stock = '".$db->escape($obj->total)."'";
$sql .= " WHERE rowid=".$obj->fk_product;
$resql2 = $db->query($sql);
@ -2343,7 +2347,7 @@ function migrate_menus($db, $langs, $conf)
$obj = $db->fetch_object($resql);
$sql = "UPDATE ".MAIN_DB_PREFIX."menu SET";
$sql .= " enabled = '".$obj->action."'";
$sql .= " enabled = '".$db->escape($obj->action)."'";
$sql .= " WHERE rowid=".$obj->rowid;
$sql .= " AND enabled = '1'";
@ -2419,7 +2423,7 @@ function migrate_commande_deliveryaddress($db, $langs, $conf)
$obj = $db->fetch_object($resql);
$sql = "UPDATE ".MAIN_DB_PREFIX."expedition SET";
$sql .= " fk_adresse_livraison = '".$obj->fk_adresse_livraison."'";
$sql .= " fk_adresse_livraison = '".$db->escape($obj->fk_adresse_livraison)."'";
$sql .= " WHERE rowid=".$obj->fk_expedition;
$resql2 = $db->query($sql);
@ -2508,7 +2512,7 @@ function migrate_restore_missing_links($db, $langs, $conf)
print 'Line '.$obj->rowid.' in '.$table1.' is linked to record '.$obj->field.' in '.$table2.' that has no link to '.$table1.'. We fix this.<br>';
$sql = "UPDATE ".MAIN_DB_PREFIX.$table2." SET";
$sql .= " ".$field2." = '".$obj->rowid."'";
$sql .= " ".$field2." = '".$db->escape($obj->rowid)."'";
$sql .= " WHERE rowid=".$obj->field;
$resql2 = $db->query($sql);
@ -2568,7 +2572,7 @@ function migrate_restore_missing_links($db, $langs, $conf)
print 'Line '.$obj->rowid.' in '.$table1.' is linked to record '.$obj->field.' in '.$table2.' that has no link to '.$table1.'. We fix this.<br>';
$sql = "UPDATE ".MAIN_DB_PREFIX.$table2." SET";
$sql .= " ".$field2." = '".$obj->rowid."'";
$sql .= " ".$field2." = '".$db->escape($obj->rowid)."'";
$sql .= " WHERE rowid=".$obj->field;
$resql2 = $db->query($sql);
@ -2821,9 +2825,9 @@ function migrate_relationship_tables($db, $langs, $conf, $table, $fk_source, $so
$sqlInsert .= ", targettype";
$sqlInsert .= ") VALUES (";
$sqlInsert .= $obj->$fk_source;
$sqlInsert .= ", '".$sourcetype."'";
$sqlInsert .= ", '".$db->escape($sourcetype)."'";
$sqlInsert .= ", ".$obj->$fk_target;
$sqlInsert .= ", '".$targettype."'";
$sqlInsert .= ", '".$db->escape($targettype)."'";
$sqlInsert .= ")";
$result = $db->query($sqlInsert);
@ -3023,8 +3027,8 @@ function migrate_customerorder_shipping($db, $langs, $conf)
$obj = $db->fetch_object($resql);
$sqlUpdate = "UPDATE ".MAIN_DB_PREFIX."expedition SET";
$sqlUpdate .= " ref_customer = '".$obj->ref_client."'";
$sqlUpdate .= ", date_delivery = '".($obj->date_livraison ? $obj->date_livraison : 'null')."'";
$sqlUpdate .= " ref_customer = '".$db->escape($obj->ref_client)."'";
$sqlUpdate .= ", date_delivery = '".$db->escape($obj->date_livraison ? $obj->date_livraison : 'null')."'";
$sqlUpdate .= " WHERE rowid = ".$obj->shipping_id;
$result = $db->query($sqlUpdate);
@ -3210,8 +3214,8 @@ function migrate_shipping_delivery2($db, $langs, $conf)
$obj = $db->fetch_object($resql);
$sqlUpdate = "UPDATE ".MAIN_DB_PREFIX."livraison SET";
$sqlUpdate .= " ref_customer = '".$obj->ref_customer."',";
$sqlUpdate .= " date_delivery = ".($obj->date_delivery ? "'".$obj->date_delivery."'" : 'null');
$sqlUpdate .= " ref_customer = '".$db->escape($obj->ref_customer)."',";
$sqlUpdate .= " date_delivery = ".($obj->date_delivery ? "'".$db->escape($obj->date_delivery)."'" : 'null');
$sqlUpdate .= " WHERE rowid = ".$obj->delivery_id;
$result = $db->query($sqlUpdate);
@ -3277,7 +3281,7 @@ function migrate_actioncomm_element($db, $langs, $conf)
$db->begin();
$sql = "UPDATE ".MAIN_DB_PREFIX."actioncomm SET ";
$sql .= "fk_element = ".$field.", elementtype = '".$type."'";
$sql .= "fk_element = ".$field.", elementtype = '".$db->escape($type)."'";
$sql .= " WHERE ".$field." IS NOT NULL";
$sql .= " AND fk_element IS NULL";
$sql .= " AND elementtype IS NULL";
@ -3336,7 +3340,7 @@ function migrate_mode_reglement($db, $langs, $conf)
$sqlSelect = "SELECT id";
$sqlSelect .= " FROM ".MAIN_DB_PREFIX."c_paiement";
$sqlSelect .= " WHERE id = ".$old_id;
$sqlSelect .= " AND code = '".$elements['code'][$key]."'";
$sqlSelect .= " AND code = '".$db->escape($elements['code'][$key])."'";
$resql = $db->query($sqlSelect);
if ($resql)
@ -3351,13 +3355,13 @@ function migrate_mode_reglement($db, $langs, $conf)
$sqla = "UPDATE ".MAIN_DB_PREFIX."paiement SET ";
$sqla .= "fk_paiement = ".$elements['new_id'][$key];
$sqla .= " WHERE fk_paiement = ".$old_id;
$sqla .= " AND fk_paiement IN (SELECT id FROM ".MAIN_DB_PREFIX."c_paiement WHERE id = ".$old_id." AND code = '".$elements['code'][$key]."')";
$sqla .= " AND fk_paiement IN (SELECT id FROM ".MAIN_DB_PREFIX."c_paiement WHERE id = ".$old_id." AND code = '".$db->escape($elements['code'][$key])."')";
$resqla = $db->query($sqla);
$sql = "UPDATE ".MAIN_DB_PREFIX."c_paiement SET ";
$sql .= "id = ".$elements['new_id'][$key];
$sql .= " WHERE id = ".$old_id;
$sql .= " AND code = '".$elements['code'][$key]."'";
$sql .= " AND code = '".$db->escape($elements['code'][$key])."'";
$resql = $db->query($sql);
if ($resqla && $resql)

2
htdocs/webservices/server_user.php
View File

@ -540,7 +540,7 @@ function createUserFromThirdparty($authentication, $thirdpartywithuser)
$sql = "SELECT rowid";
$sql .= " FROM ".MAIN_DB_PREFIX."c_country";
$sql .= " WHERE active = 1";
$sql .= " AND code='".$thirdparty->country_code."'";
$sql .= " AND code='".$db->escape($thirdparty->country_code)."'";
$resql = $db->query($sql);
if ($resql)

4
htdocs/website/class/websitepage.class.php
View File

@ -382,9 +382,9 @@ class WebsitePage extends CommonObject
if (count($filter) > 0) {
foreach ($filter as $key => $value) {
if ($key == 't.rowid' || $key == 't.fk_website' || $key == 'status') {
$sqlwhere[] = $key.'='.$value;
$sqlwhere[] = $key.' = '.$value;
} elseif ($key == 'type_container') {
$sqlwhere[] = $key."='".$value."'";
$sqlwhere[] = $key." = '".$this->db->escape($value)."'";
} elseif ($key == 'lang' || $key == 't.lang') {
$listoflang = array();
$foundnull = 0;

2
test/phpunit/CodingPhpTest.php
View File

@ -152,7 +152,7 @@ class CodingPhpTest extends PHPUnit\Framework\TestCase
$db=$this->savdb;
include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
$filesarray = dol_dir_list(DOL_DOCUMENT_ROOT.'/core', 'files', 1, '\.php', null, 'fullname');
$filesarray = dol_dir_list(DOL_DOCUMENT_ROOT.'/bom', 'files', 1, '\.php', null, 'fullname');
//$filesarray = dol_dir_list(DOL_DOCUMENT_ROOT, 'files', 1, '\.php', null, 'fullname');
foreach ($filesarray as $key => $file)