Mirrors/dolibarr
1
0
Fork 0
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-02-20 13:46:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

FIX CVE-2018-19998

Browse Source
This commit is contained in:
Laurent Destailleur 2018-12-22 17:16:08 +01:00
parent 74e75a7e2b
commit 2b088a73c1
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/user/card.php
View File

@ -350,7 +350,7 @@ if (empty($reshook)) {
$object->accountancy_code = GETPOST("accountancy_code",'alpha');
$object->openid = GETPOST("openid",'alpha');
$object->fk_user = GETPOST("fk_user",'int') > 0 ? GETPOST("fk_user",'int') : 0;
$object->employee = GETPOST('employee','alphanothtml');
$object->employee = GETPOST('employee','int');
$object->thm = GETPOST("thm",'alphanohtml') != '' ? GETPOST("thm",'alphanohtml') : '';
$object->tjm = GETPOST("tjm",'alphanohtml') != '' ? GETPOST("tjm",'alphanohtml') : '';

6
htdocs/user/class/user.class.php
View File

@ -1405,12 +1405,12 @@ class User extends CommonObject
$sql = "UPDATE ".MAIN_DB_PREFIX."user SET";
$sql.= " lastname = '".$this->db->escape($this->lastname)."'";
$sql.= ", firstname = '".$this->db->escape($this->firstname)."'";
$sql.= ", employee = ".$this->employee;
$sql.= ", employee = ".(int) $this->employee;
$sql.= ", login = '".$this->db->escape($this->login)."'";
$sql.= ", api_key = ".($this->api_key ? "'".$this->db->escape($this->api_key)."'" : "null");
$sql.= ", gender = ".($this->gender != -1 ? "'".$this->db->escape($this->gender)."'" : "null"); // 'man' or 'woman'
$sql.= ", birth=".(strval($this->birth)!='' ? "'".$this->db->idate($this->birth)."'" : 'null');
if (! empty($user->admin)) $sql.= ", admin = ".$this->admin; // admin flag can be set/unset only by an admin user
if (! empty($user->admin)) $sql.= ", admin = ".(int) $this->admin; // admin flag can be set/unset only by an admin user
$sql.= ", address = '".$this->db->escape($this->address)."'";
$sql.= ", zip = '".$this->db->escape($this->zip)."'";
$sql.= ", town = '".$this->db->escape($this->town)."'";
@ -1502,7 +1502,7 @@ class User extends CommonObject
$adh->zip=$this->zip;
$adh->state_id=$this->state_id;
$adh->country_id=$this->country_id;
$adh->email=$this->email;
$adh->skype=$this->skype;
$adh->phone=$this->office_phone;