Skip to content
This repository has been archived by the owner on Dec 13, 2022. It is now read-only.

Commit

Permalink
Fix: Sanitize and bind host category listing (#11805)
Browse files Browse the repository at this point in the history
  • Loading branch information
@emabassi-ext
emabassi-ext authored Sep 21, 2022
1 parent cfb89b4 commit 64c2e18
Showing 1 changed file with 6 additions and 6 deletions.
12 changes: 6 additions & 6 deletions www/include/configuration/configObject/host_categories/listHostCategories.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -141,16 +141,16 @@
$aclFrom = ", $aclDbName.centreon_acl acl ";
$aclCond = " AND h.host_id = acl.host_id AND acl.group_id IN (" . $acl->getAccessGroupsString() . ") ";
}
$DBRESULT2 = $pearDB->query(
"SELECT h.host_id, h.host_activate " .
$hcStatement = $pearDB->prepare("SELECT h.host_id, h.host_activate " .
"FROM hostcategories_relation hcr, host h " . $aclFrom .
" WHERE hostcategories_hc_id = '" . $hc['hc_id'] . "'" .
" WHERE hostcategories_hc_id = :hcId" .
" AND h.host_id = hcr.host_host_id " . $aclCond .
" AND h.host_register = '1' "
);
" AND h.host_register = '1' ");
$hcStatement->bindValue(':hcId', (int) $hc['hc_id'], \PDO::PARAM_INT);
$hcStatement->execute();
$nbrhostActArr = array();
$nbrhostDeactArr = array();
while ($row = $DBRESULT2->fetch()) {
while ($row = $hcStatement->fetch()) {
if ($row['host_activate']) {
$nbrhostActArr[$row['host_id']] = true;
} else {
Expand Down

0 comments on commit 64c2e18

Please sign in to comment.