More SQL Injection prevention.
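--- a/[path not on page]/eventsmanager_broker.php
+++ b/[path not on page]/eventsmanager_broker.php
@@ -11,6 +11,7 @@
 
 use Alchemy\Phrasea\Application;
 use Alchemy\Phrasea\Model\Entities\User;
+use Doctrine\DBAL\Connection;
 
 class eventsmanager_broker
 {
@@ -260,12 +261,21 @@ class eventsmanager_broker
 return false;
 }
 
-$sql = 'UPDATE notifications SET unread="0"
-WHERE usr_id = :usr_id
-AND (id="' . implode('" OR id="', $notifications) . '")';
+$sql = 'UPDATE notifications SET unread="0" WHERE usr_id = :usr_id AND (id IN (:notifications))';
 
-$stmt = $this->app['phraseanet.appbox']->get_connection()->prepare($sql);
-$stmt->execute([':usr_id' => $usr_id]);
+/** @var Connection $connection */
+$connection = $this->app['phraseanet.appbox']->get_connection();
+$stmt = $connection->prepare($sql);
+$stmt->execute(
+[
+'usr_id' => $usr_id,
+'notifications' => $notifications,
+],
+[
+'usr_id' => PDO::PARAM_INT,
+'notifications' => Connection::PARAM_INT_ARRAY,
+]
+);
 $stmt->closeCursor();
 
 return $this;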
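Review bot: The second array handed to `$stmt->execute(...)` (the type map carrying `Connection::PARAM_INT_ARRAY`) is, as far as I can tell, silently ignored: a DBAL `Statement::execute()` takes a single `$params` argument, and expansion of array parameters into an `IN (?, ?, ...)` list only happens on the connection-level `executeQuery`/`executeUpdate` path, so `:notifications` would be bound to a PHP array instead of an expanded list. Replace the prepare/execute/closeCursor sequence with `$connection->executeUpdate($sql, ['usr_id' => $usr_id, 'notifications' => $notifications], ['usr_id' => PDO::PARAM_INT, 'notifications' => Connection::PARAM_INT_ARRAY]);`, which does apply the types. If the appbox connection is a project wrapper whose `execute()` accepts a types argument, disregard this. The enclosing method starts outside the hunk, so where `$usr_id` comes from and the guard that precedes `return false;` are not visible here.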
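--- a/[path not on page]/module_console_fieldsMerge.php
+++ b/[path not on page]/module_console_fieldsMerge.php
@@ -44,6 +44,7 @@ class module_console_fieldsMerge extends Command
 $output->writeln("");
 
 try {
+/** @var databox $databox */
 $databox = $this->getService('phraseanet.appbox')->get_databox((int) $input->getArgument('sbas_id'));
 } catch (\Exception $e) {
 $output->writeln("<error>Invalid databox id </error>");
@@ -155,11 +156,16 @@ class module_console_fieldsMerge extends Command
 $start = 0;
 $quantity = 100;
 
+$builder = $databox->get_connection()->createQueryBuilder();
+$builder
+->select('r.record_id')
+->from('record', 'r')
+->orderBy('r.record_id', 'ASC')
+->setFirstResult($start)
+->setMaxResults($quantity)
+;
 do {
-$sql = 'SELECT record_id FROM record
-ORDER BY record_id LIMIT ' . $start . ', ' . $quantity;
-$stmt = $databox->get_connection()->prepare($sql);
-$stmt->execute();
+$stmt = $builder->execute();
 $results = $stmt->fetchAll(PDO::FETCH_ASSOC);
 $stmt->closeCursor();
 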
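Review bot: `setFirstResult($start)` is fixed once before the `do` loop, so if the loop body advances `$start` between iterations (as the removed `LIMIT ' . $start . ', ' . $quantity` string implies), every `$builder->execute()` re-reads the same first `$quantity` records, whereas the old code rebuilt the SQL with the current offset on each pass. Move the offset into the loop, e.g. `$stmt = $builder->setFirstResult($start)->execute();`. The same pattern appears in the module_console_fieldsRename hunk (`@@ -84,13 +85,18 @@`) and needs the same change. The rest of the loop, including where `$start` changes and how the loop terminates, is outside the hunk.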
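--- a/[path not on page]/module_console_fieldsRename.php
+++ b/[path not on page]/module_console_fieldsRename.php
@@ -35,6 +35,7 @@ class module_console_fieldsRename extends Command
 $new_name = $input->getArgument('name');
 
 try {
+/** @var databox $databox */
 $databox = $this->getService('phraseanet.appbox')->get_databox((int) $input->getArgument('sbas_id'));
 } catch (\Exception $e) {
 $output->writeln("<error>Invalid databox id </error>");
@@ -84,13 +85,18 @@ class module_console_fieldsRename extends Command
 $start = 0;
 $quantity = 100;
 
+$builder = $databox->get_connection()->createQueryBuilder();
+$builder
+->select('r.record_id')
+->from('record', 'r')
+->orderBy('r.record_id', 'ASC')
+->setFirstResult($start)
+->setMaxResults($quantity)
+;
 do {
 $output->write("\rUpdating records... <info>".min($start, $total)." / $total</info>");
 
-$sql = 'SELECT record_id FROM record
-ORDER BY record_id LIMIT ' . $start . ', ' . $quantity;
-$stmt = $databox->get_connection()->prepare($sql);
-$stmt->execute();
+$stmt = $builder->execute();
 $results = $stmt->fetchAll(PDO::FETCH_ASSOC);
 $stmt->closeCursor();
 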
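--- a/[path not on page]/module_console_systemExport.php
+++ b/[path not on page]/module_console_systemExport.php
@@ -11,6 +11,7 @@
 
 use Alchemy\Phrasea\Command\Command;
 use Alchemy\Phrasea\Model\Serializer\CaptionSerializer;
+use Doctrine\DBAL\Connection;
 use Symfony\Component\Console\Input\InputInterface;
 use Symfony\Component\Console\Input\InputOption;
 use Symfony\Component\Console\Output\OutputInterface;
@@ -120,6 +121,7 @@ class module_console_systemExport extends Command
 
 $total = $errors = 0;
 
+/** @var databox $databox */
 foreach ($this->getService('phraseanet.appbox')->get_databoxes() as $databox) {
 $output->writeln(sprintf("Processing <info>%s</info>", $databox->get_label($this->container['locale'])));
 
@@ -153,20 +155,27 @@ class module_console_systemExport extends Command
 
 $this->getService('filesystem')->mkdir($local_export);
 
-$sql = 'SELECT record_id FROM record WHERE parent_record_id = 0 ';
+$builder = $databox->get_connection()->createQueryBuilder();
+$builder
+->select('r.record_id')
+->from('record', 'r')
+->where($builder->expr()->eq('r.parent_record_id', $builder->expr()->literal(0)))
+;
 
 if (count($coll_ids) > 0) {
-$sql .= ' AND coll_id IN (' . implode(', ', $coll_ids) . ') ';
+$builder
+->andWhere($builder->expr()->in('r.coll_id', [':collIds']))
+->setParameter('collIds', $coll_ids, Connection::PARAM_INT_ARRAY)
+;
 }
 
-$sql .= ' ORDER BY record_id ASC ';
+$builder->orderBy('r.record_id', 'ASC');
 
 if ($limit) {
-$sql .= ' LIMIT 0, ' . $limit;
+$builder->setMaxResults($limit);
 }
 
-$stmt = $databox->get_connection()->prepare($sql);
-$stmt->execute();
+$stmt = $builder->execute();
 $rs = $stmt->fetchAll(PDO::FETCH_ASSOC);
 $stmt->closeCursor();
 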
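Review bot: `$limit` reaches `setMaxResults()` uncast; its origin is outside the hunk, and a console option or argument arrives as a string. DBAL casts the limit to an integer when it renders the `LIMIT` clause as far as I recall, but `$builder->setMaxResults((int) $limit);` keeps the query independent of that detail and mirrors the `(int)` cast the other hunks in this commit already apply to `sbas_id`. As a point of style, `parent_record_id` is compared through `expr()->literal(0)` while `coll_id` is bound via `setParameter()`; binding both, e.g. `->where('r.parent_record_id = :parentId')->setParameter('parentId', 0, PDO::PARAM_INT)`, keeps a single convention for values entering the query. The enclosing method starts before and continues after the hunk, so where `$coll_ids` and `$limit` are read is not visible here.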
@@ -106,8 +106,6 @@ class module_report_activity extends module_report
|
|||||||
WHERE (" . $filter['sql'] . ") AND !ISNULL(usrid)
|
WHERE (" . $filter['sql'] . ") AND !ISNULL(usrid)
|
||||||
GROUP BY heures;";
|
GROUP BY heures;";
|
||||||
|
|
||||||
// no_file_put_contents("/tmp/report.txt", sprintf("%s (%s)\n%s\n\n", __FILE__, __LINE__, $sql), FILE_APPEND);
|
|
||||||
|
|
||||||
$stmt = $sqlBuilder->getConnBas()->prepare($sql);
|
$stmt = $sqlBuilder->getConnBas()->prepare($sql);
|
||||||
$stmt->execute($params);
|
$stmt->execute($params);
|
||||||
$rs = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
$rs = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||||
|