Skip to content

Commit

Permalink
QA: Issue with SQL Injection Check
Browse files Browse the repository at this point in the history
  • Loading branch information
@TheWitness
TheWitness committed Dec 23, 2024
1 parent 7c02f88 commit 9ca67c0
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions lib/api_automation.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1411,8 +1411,8 @@ function clearFilter() {
$sql_field = $item['field'] . ' AS source ';
} else {
$sql_field = '"SQL Injection" AS source ';
cacti_log('Attempted SQL Injection found in Tree Automation for the field variable.', false, 'AUTOM8');
raise_message('sql_injection', __('Attempted SQL Injection found in Tree Automation for the field variable.'), MESSAGE_LEVEL_ERROR);
cacti_log("Attempted SQL Injection found in Tree Automation for the field variable {$item['field']}.", false, 'AUTOM8');
raise_message('sql_injection', __("Attempted SQL Injection found in Tree Automation for the field variable {$item['field']}."), MESSAGE_LEVEL_ERROR);
}

/* now we build up a new query for counting the rows */
Expand Down Expand Up @@ -1509,7 +1509,7 @@ function clearFilter() {
}

function api_automation_column_exists($column, $tables) {
$column = str_replace(array('h.', 'ht.', 'gt.', 'gl.', 'gtg.'), '', 1);
$column = str_replace(array('h.', 'ht.', 'gt.', 'gl.', 'gtg.'), array('', '', '', '', ''), $column);

if (cacti_sizeof($tables)) {
foreach($tables as $table) {
Expand Down

0 comments on commit 9ca67c0

Please sign in to comment.