Fix sql injection reported by Jason Nordenstam

Laurent Destailleur 2020-10-14 01:52:53 +02:00
parent 4a3a3190ea
commit 7838ca32ba
6 changed files with 6 additions and 6 deletions


@ -3153,7 +3153,7 @@ class Propal extends CommonObject
$sql .= " c.datec, c.date_valid as datev, c.date_cloture as dateo,";
$sql .= " c.fk_user_author, c.fk_user_valid, c.fk_user_cloture";
$sql .= " FROM ".MAIN_DB_PREFIX."propal as c";
$sql .= " WHERE c.rowid = ".$id;
$sql .= " WHERE c.rowid = ".((int) $id);
$result = $this->db->query($sql);
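Review bot: The `((int) $id)` cast on the new `WHERE c.rowid = ` line closes the injection, but a non-numeric or negative `$id` is silently turned into `0` (or a negative rowid), so the fetch runs a query that matches nothing and reports "not found" rather than rejecting a bad argument. Consider normalizing once at the top of the method instead of inside the string, `$id = (int) $id;` followed by an early return with whatever error value this `fetch()` uses when `$id <= 0`, so every later use of `$id` in the method is already safe. The same inline-cast pattern appears in the Contrat, Comment, SupplierProposal, RemiseCheque and Contact sections of this commit; in Contact the `if ($id)` branch test still reads the uncast value, so an input like `'abc'` takes the id branch and queries `c.rowid = 0`. The enclosing `fetch()` method starts and ends outside the hunk.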


@ -98,7 +98,7 @@ class RemiseCheque extends CommonObject
$sql .= " FROM ".MAIN_DB_PREFIX."bordereau_cheque as bc";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."bank_account as ba ON bc.fk_bank_account = ba.rowid";
$sql .= " WHERE bc.entity = ".$conf->entity;
if ($id) $sql .= " AND bc.rowid = ".$id;
if ($id) $sql .= " AND bc.rowid = ".((int) $id);
if ($ref) $sql .= " AND bc.ref = '".$this->db->escape($ref)."'";
dol_syslog("RemiseCheque::fetch", LOG_DEBUG);
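Review bot: The context line just above the change still concatenates `$conf->entity` into the SQL without a cast or escape, `" WHERE bc.entity = ".$conf->entity`, while the new `bc.rowid` line now casts. `$conf->entity` is presumably an integer loaded from configuration rather than request input, but for consistency with the fix and to make the query's integer columns uniformly safe, `" WHERE bc.entity = ".((int) $conf->entity)` would be the matching treatment. The `$ref` branch already goes through `$this->db->escape()`, which is fine. The enclosing `fetch()` continues outside the hunk.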


@ -879,7 +879,7 @@ class Contact extends CommonObject
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."user as u ON c.rowid = u.fk_socpeople";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON c.fk_soc = s.rowid";
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_stcommcontact as st ON c.fk_stcommcontact = st.id';
if ($id) $sql .= " WHERE c.rowid = ".$id;
if ($id) $sql .= " WHERE c.rowid = ".((int) $id);
else {
$sql .= " WHERE c.entity IN (".getEntity($this->element).")";
if ($ref_ext) {


@ -2028,7 +2028,7 @@ class Contrat extends CommonObject
$sql .= " c.tms as date_modification,";
$sql .= " fk_user_author";
$sql .= " FROM ".MAIN_DB_PREFIX."contrat as c";
$sql .= " WHERE c.rowid = ".$id;
$sql .= " WHERE c.rowid = ".((int) $id);
$result = $this->db->query($sql);
if ($result)


@ -186,7 +186,7 @@ class Comment extends CommonObject
$sql .= " c.entity,";
$sql .= " c.import_key";
$sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element." as c";
$sql .= " WHERE c.rowid = ".$id;
$sql .= " WHERE c.rowid = ".((int) $id);
dol_syslog(get_class($this)."::fetch", LOG_DEBUG);
$resql = $this->db->query($sql);


@ -2103,7 +2103,7 @@ class SupplierProposal extends CommonObject
$sql .= " c.datec, c.date_valid as datev, c.date_cloture as dateo,";
$sql .= " c.fk_user_author, c.fk_user_valid, c.fk_user_cloture";
$sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal as c";
$sql .= " WHERE c.rowid = ".$id;
$sql .= " WHERE c.rowid = ".((int) $id);
$result = $this->db->query($sql);