Changeset 7049

Timestamp:
10/20/08 15:27:59 (5 years ago)
Author:
p_lindheimer
Message:

fixed #3260 allows quotes in cidlookup, also fixes other potential sql injection attacks from the GUI

Files:

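--- a/modules/branches/2.5/cidlookup/functions.inc.php
+++ b/modules/branches/2.5/cidlookup/functions.inc.php
@@ -235,5 +235,4 @@
   "; 
  
-  //$results = sql("SELECT * FROM cidlookup_incoming","getAll",DB_FETCHMODE_ASSOC); 
   $results = sql($sql,"getAll",DB_FETCHMODE_ASSOC); 
   return is_array($results)?$results:null; 
@@ -268,48 +267,72 @@
  
 function cidlookup_add($post){ 
-  if(!cidlookup_chk($post)) 
-    return false; 
-  extract($post); 
-  if (!isset($cache)) 
-    $cache = 0; 
+  global $db; 
+ 
+  $description = $db->escapeSimple($post['description']); 
+  $sourcetype = $db->escapeSimple($post['sourcetype']); 
+  $deptname = $db->escapeSimple($post['deptname']); 
+  $http_host = $db->escapeSimple($post['http_host']); 
+  $http_port = $db->escapeSimple($post['http_port']); 
+  $http_username = $db->escapeSimple($post['http_username']); 
+  $http_password = $db->escapeSimple($post['http_password']); 
+  $http_path = $db->escapeSimple($post['http_path']); 
+  $http_query = $db->escapeSimple($post['http_query']); 
+  $mysql_host = $db->escapeSimple($post['mysql_host']); 
+  $mysql_dbname = $db->escapeSimple($post['mysql_dbname']); 
+  $mysql_query = $db->escapeSimple($post['mysql_query']); 
+  $mysql_username = $db->escapeSimple($post['mysql_username']); 
+  $mysql_password = $db->escapeSimple($post['mysql_password']); 
+ 
+  $cache = isset($post['cache']) ? $db->escapeSimple($post['cache']) : 0; 
+ 
   $results = sql(" 
     INSERT INTO cidlookup 
       (description, sourcetype, cache, deptname, http_host, http_port, http_username, http_password, http_path, http_query, mysql_host, mysql_dbname, mysql_query, mysql_username, mysql_password) 
     VALUES  
-      (\"$description\", \"$sourcetype\", \"$cache\", \"$deptname\", \"$http_host\", \"$http_port\", \"$http_username\", \"$http_password\", \"$http_path\", \"$http_query\", \"$mysql_host\", \"$mysql_dbname\", \"$mysql_query\", \"$mysql_username\", \"$mysql_password\"
+      ('$description', '$sourcetype', '$cache', '$deptname', '$http_host', '$http_port', '$http_username', '$http_password', '$http_path', '$http_query', '$mysql_host', '$mysql_dbname', '$mysql_query', '$mysql_username', '$mysql_password'
     "); 
 } 
  
 function cidlookup_edit($id,$post){ 
-  if(!cidlookup_chk($post)) 
-    return false; 
-  extract($post); 
-  if ($cache != 1) 
+  global $db; 
+ 
+  $description = $db->escapeSimple($post['description']); 
+  $sourcetype = $db->escapeSimple($post['sourcetype']); 
+  $deptname = $db->escapeSimple($post['deptname']); 
+  $http_host = $db->escapeSimple($post['http_host']); 
+  $http_port = $db->escapeSimple($post['http_port']); 
+  $http_username = $db->escapeSimple($post['http_username']); 
+  $http_password = $db->escapeSimple($post['http_password']); 
+  $http_path = $db->escapeSimple($post['http_path']); 
+  $http_query = $db->escapeSimple($post['http_query']); 
+  $mysql_host = $db->escapeSimple($post['mysql_host']); 
+  $mysql_dbname = $db->escapeSimple($post['mysql_dbname']); 
+  $mysql_query = $db->escapeSimple($post['mysql_query']); 
+  $mysql_username = $db->escapeSimple($post['mysql_username']); 
+  $mysql_password = $db->escapeSimple($post['mysql_password']); 
+ 
+  if (isset($post['cache']) && $post['cache'] != 1) { 
     $cache = 0; 
+  } 
+ 
   $results = sql(" 
     UPDATE cidlookup  
     SET  
-      description = \"$description\",  
-      deptname = \"$deptname\",  
-      sourcetype = \"$sourcetype\" , 
-      cache = \"$cache\", 
-      http_host = \"$http_host\", 
-      http_port = \"$http_port\", 
-      http_username = \"$http_username\", 
-      http_password = \"$http_password\", 
-      http_path = \"$http_path\", 
-      http_query = \"$http_query\", 
-      mysql_host = \"$mysql_host\", 
-      mysql_dbname = \"$mysql_dbname\", 
-      mysql_query = \"$mysql_query\", 
-      mysql_username = \"$mysql_username\", 
-      mysql_password  = \"$mysql_password\" 
-    WHERE cidlookup_id = \"$id\""); 
-
- 
-// ensures post vars is valid 
-function cidlookup_chk($post){ 
-  // TODO: Add sanity checks on $_POST 
-  return true; 
+      description = '$description',  
+      deptname = '$deptname',  
+      sourcetype = '$sourcetype' , 
+      cache = '$cache', 
+      http_host = '$http_host', 
+      http_port = '$http_port', 
+      http_username = '$http_username', 
+      http_password = '$http_password', 
+      http_path = '$http_path', 
+      http_query = '$http_query', 
+      mysql_host = '$mysql_host', 
+      mysql_dbname = '$mysql_dbname', 
+      mysql_query = '$mysql_query', 
+      mysql_username = '$mysql_username', 
+      mysql_password  = '$mysql_password' 
+    WHERE cidlookup_id = '$id'"); 
 } 
 ?>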
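Review bot: In cidlookup_edit the `WHERE cidlookup_id = '$id'` clause still interpolates `$id` unescaped, so the one value that does not come from `$post` stays injectable unless every caller already sanitises it (callers are not visible here); adding `$id = $db->escapeSimple($id);` before the query would cover it. The same function no longer assigns `$cache` when `$post['cache']` is 1 or absent, because `extract($post)` was removed and the new `if` only handles the "not 1" case, so `cache = '$cache'` is built from an undefined variable and the cache flag is likely lost on edit. `$cache = (isset($post['cache']) && $post['cache'] == 1) ? 1 : 0;` in place of the `if` block would restore the previous behaviour. Longer term, bound parameters would be less fragile than escaping each of the fifteen fields by hand in both cidlookup_add and cidlookup_edit.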