clean up all known sql injection

git-svn-id: http://www.observium.org/svn/observer/trunk@1975 61d68cd4-352d-0410-923a-c4978735b2b8
This commit is contained in:
Tom Laermans
2011-03-25 15:47:42 +00:00
parent c69779ac4f
commit dac063c0f6
3 changed files with 9 additions and 11 deletions
+2 -3
View File
@@ -40,9 +40,8 @@ print_optionbar_end();
echo('<table width="100%" cellspacing="0" cellpadding="2">');
# FIXME SQL INJECTION!!
if ($_POST['device_id']) { $where .= " AND I.device_id = '".$_POST['device_id']."'"; }
if ($_POST['interface']) { $where .= " AND I.ifDescr LIKE '".$_POST['interface']."'"; }
if (is_numeric($_POST['device_id'])) { $where .= " AND I.device_id = '".$_POST['device_id']."'"; }
if ($_POST['interface']) { $where .= " AND I.ifDescr LIKE '".mres($_POST['interface'])."'"; }
$sql = "SELECT * FROM `ipv4_addresses` AS A, `ports` AS I, `devices` AS D, `ipv4_networks` AS N WHERE I.interface_id = A.interface_id AND I.device_id = D.device_id AND N.ipv4_network_id = A.ipv4_network_id $where ORDER BY A.ipv4_address";
+2 -3
View File
@@ -40,9 +40,8 @@ print_optionbar_end();
echo('<table width="100%" cellspacing="0" cellpadding="2">');
# FIXME SQL INJECTION!!
if ($_POST['device_id']) { $where .= " AND I.device_id = '".$_POST['device_id']."'"; }
if ($_POST['interface']) { $where .= " AND I.ifDescr LIKE '".$_POST['interface']."'"; }
if (is_numeric($_POST['device_id'])) { $where .= " AND I.device_id = '".$_POST['device_id']."'"; }
if ($_POST['interface']) { $where .= " AND I.ifDescr LIKE '".mres($_POST['interface'])."'"; }
$sql = "SELECT * FROM `ipv6_addresses` AS A, `ports` AS I, `devices` AS D, `ipv6_networks` AS N WHERE I.interface_id = A.interface_id AND I.device_id = D.device_id AND N.ipv6_network_id = A.ipv6_network_id $where ORDER BY A.ipv6_address";
+5 -5
View File
@@ -85,6 +85,7 @@
# $sql = "SELECT * FROM `ports` AS I, `devices` AS D, `devices_perms` AS P WHERE I.device_id = D.device_id AND D.device_id = P.device_id AND P.user_id = '" . $_SESSION['user_id'] . "' ORDER BY D.hostname, I.ifDescr";
#}
# FIXME block below is not totally used, at least the iftype stuff is bogus?
if ($_GET['opta'] == "down" || $_GET['type'] == "down" || $_POST['state'] == "down")
{
$where .= "AND I.ifAdminStatus = 'up' AND I.ifOperStatus = 'down' AND I.ignore = '0'";
@@ -110,11 +111,10 @@ if ($_GET['opta'] == "down" || $_GET['type'] == "down" || $_POST['state'] == "do
$where .= " AND I.ifType = 'ppp'";
}
# FIXME SQL Injection!
if ($_POST['device_id']) { $where .= " AND I.device_id = '".$_POST['device_id']."'"; }
if ($_POST['ifType']) { $where .= " AND I.ifType = '".$_POST['ifType']."'"; }
if ($_POST['ifSpeed']) { $where .= " AND I.ifSpeed = '".$_POST['ifSpeed']."'"; }
if ($_POST['ifAlias']) { $where .= " AND I.ifAlias LIKE '%".$_POST['ifAlias']."%'"; }
if (is_numeric($_POST['device_id'])) { $where .= " AND I.device_id = '".$_POST['device_id']."'"; }
if ($_POST['ifType']) { $where .= " AND I.ifType = '".mres($_POST['ifType'])."'"; }
if (is_numeric($_POST['ifSpeed'])) { $where .= " AND I.ifSpeed = '".$_POST['ifSpeed']."'"; }
if ($_POST['ifAlias']) { $where .= " AND I.ifAlias LIKE '%".mres($_POST['ifAlias'])."%'"; }
if ($_POST['deleted'] || $_GET['type'] == "deleted") { $where .= " AND I.deleted = '1'"; }
$sql = "SELECT * FROM `ports` AS I, `devices` AS D WHERE I.device_id = D.device_id $where ORDER BY D.hostname, I.ifIndex";