Skip to content
This repository has been archived by the owner on Dec 13, 2022. It is now read-only.

Commit

Permalink
Sanitized and bound queries (#11413) (#11445) (#11456) (#11457)
Browse files Browse the repository at this point in the history
lines : 130 -142
  • Loading branch information
emabassi-ext authored Jul 29, 2022
1 parent cf0e5a4 commit 35c71e1
Showing 1 changed file with 10 additions and 6 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -124,10 +124,12 @@ function multipleHostGroupDependencyInDB($dependencies = array(), $nbrDup = arra
"WHERE dependency_dep_id = '" . $key . "'";
$dbResult = $pearDB->query($query);
$fields["dep_hgParents"] = "";
$query = "INSERT INTO dependency_hostgroupParent_relation VALUES (:max_id, :hg_id)";
$statement = $pearDB->prepare($query);
while ($hg = $dbResult->fetch()) {
$query = "INSERT INTO dependency_hostgroupParent_relation VALUES ('" .
$maxId["MAX(dep_id)"] . "', '" . $hg["hostgroup_hg_id"] . "')";
$pearDB->query($query);
$statement->bindValue(':max_id', (int) $maxId["MAX(dep_id)"], \PDO::PARAM_INT);
$statement->bindValue(':hg_id', (int) $hg["hostgroup_hg_id"], \PDO::PARAM_INT);
$statement->execute();
$fields["dep_hgParents"] .= $hg["hostgroup_hg_id"] . ",";
}
$fields["dep_hgParents"] = trim($fields["dep_hgParents"], ",");
Expand All @@ -136,10 +138,12 @@ function multipleHostGroupDependencyInDB($dependencies = array(), $nbrDup = arra
"WHERE dependency_dep_id = '" . $key . "'";
$dbResult = $pearDB->query($query);
$fields["dep_hgChilds"] = "";
$query = "INSERT INTO dependency_hostgroupChild_relation VALUES (:max_id, :hg_id)";
$statement = $pearDB->prepare($query);
while ($hg = $dbResult->fetch()) {
$query = "INSERT INTO dependency_hostgroupChild_relation VALUES ('" .
$maxId["MAX(dep_id)"] . "', '" . $hg["hostgroup_hg_id"] . "')";
$pearDB->query($query);
$statement->bindValue(':max_id', (int) $maxId["MAX(dep_id)"], \PDO::PARAM_INT);
$statement->bindValue(':hg_id', (int) $hg["hostgroup_hg_id"], \PDO::PARAM_INT);
$statement->execute();
$fields["dep_hgChilds"] .= $hg["hostgroup_hg_id"] . ",";
}
$fields["dep_hgChilds"] = trim($fields["dep_hgChilds"], ",");
Expand Down

0 comments on commit 35c71e1

Please sign in to comment.