
fix(mon)SQL-Vulnerability_In_CustomViews
Update SQL query to prevent SQL injection in setRotate form

Refs: MON-2129
MatthieuMan authored and loiclau committed Nov 27, 2017
1 parent 94f0511 commit 31c4a1d
Showing 1 changed file with 24 additions and 16 deletions.
40 changes: 24 additions & 16 deletions www/class/centreonUser.class.php
Expand Up @@ -431,26 +431,34 @@ public function setContactParameters($db, $parameters = array())
if (!count($parameters)) {
return null;
}

$queryValues = array();
$keys = array_keys($parameters);

$deleteQuery = 'DELETE FROM contact_param '
. 'WHERE cp_contact_id = ' . $this->user_id . ' '
. 'AND cp_key IN("'
. implode('","', $keys)
. '") ';
$db->query($deleteQuery);

$insertQuery = 'INSERT INTO contact_param (cp_key, cp_value, cp_contact_id) VALUES ';
$first = true;
. 'WHERE cp_contact_id = ? '
. 'AND cp_key IN( ';
$queryValues[] = $this->user_id;

$queryKey ='';
foreach ($keys as $key) {
$queryKey .=' ?,';
$queryValues[] = $key;
}
$queryKey = rtrim($queryKey, ',');
$deleteQuery .= $queryKey. ' )';

$stmt = $db->prepare($deleteQuery);
$res = $db->execute($stmt, $queryValues);

if (PEAR::isError($res)) {
throw new Exception('Bad Request');
}

$insertQuery = 'INSERT INTO contact_param (cp_key, cp_value, cp_contact_id) VALUES (?, ?, ?)';
$stmt = $db->prepare($insertQuery);
foreach ($parameters as $key => $value) {
if (!$first) {
$insertQuery .= ',';
}
$insertQuery .= '("' . $key . '","' . $value . '", ' . $this->user_id . ')';
$first = false;
$sqlParams = array($key, $value, $this->user_id);
$db->execute($stmt, $sqlParams);
}
$db->query($insertQuery);
}

/**
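Review bot: The return value of `$db->execute($stmt, $sqlParams)` in the insert loop is discarded, so a failed INSERT is silently ignored while a failed DELETE a few lines above throws 'Bad Request'; the two statements should be checked the same way, `$res = $db->execute($stmt, $sqlParams);` followed by `if (PEAR::isError($res)) { throw new Exception('Bad Request'); }`. Because the DELETE has already run by then, an insert failure leaves the contact with fewer parameters than it had before the call; running both statements inside one transaction would avoid that, assuming the `$db` wrapper exposes transactions (not visible here). As a style point, the placeholder list built by the `foreach`/`rtrim` pair could be the single expression `implode(',', array_fill(0, count($keys), '?'))`, which also makes the shape of the IN() clause obvious at a glance. The setContactParameters signature is only in the hunk header, outside the changed lines.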
