[SNYK] Sanitize and bind centreonGraph class queries (#11409)

1122 1153 1134
centreon · Jul 29, 2022 · f20b8eb · f20b8eb
1 parent 35967db
commit f20b8eb
Showing 1 changed file with 17 additions and 15 deletions.
diff --git a/www/class/centreonGraph.class.php b/www/class/centreonGraph.class.php
@@ -1076,16 +1076,18 @@ private function getDefaultGraphTemplate()
             return;
         } else {
             $command_id = getMyServiceField($this->indexData["service_id"], "command_command_id");
-            $DBRESULT = $this->DB->query("SELECT graph_id FROM command WHERE `command_id` = '" . $command_id . "'");
-            if ($DBRESULT->rowCount()) {
-                $data = $DBRESULT->fetch();
+            $statement = $this->DB->prepare("SELECT graph_id FROM command WHERE `command_id` = :command_id");
+            $statement->bindValue(':command_id', (int) $command_id, \PDO::PARAM_INT);
+            $statement->execute();
+            if ($statement->rowCount()) {
+                $data = $statement->fetch();
                 if ($data["graph_id"] != 0) {
                     $this->templateId = $data["graph_id"];
                     unset($data);
                     return;
                 }
             }
-            $DBRESULT->closeCursor();
+            $statement->closeCursor();
             unset($command_id);
         }
         $DBRESULT = $this->DB->query("SELECT graph_id FROM giv_graphs_template WHERE default_tpl1 = '1' LIMIT 1");
@@ -1119,12 +1121,12 @@ public function setTemplate($template_id = null)
                 /*
                  * Graph is based on a module check point
                  */
-                $DBRESULT_meta = $this->DB->query(
-                    "SELECT graph_id
+                $statement = $this->DB->prepare("SELECT graph_id
                         FROM meta_service
-                        WHERE `meta_name` = '" . $this->indexData["service_description"] . "'"
-                );
-                $meta = $DBRESULT_meta->fetch();
+                        WHERE `meta_name` = :service_desc");
+                $statement->bindValue(':service_desc', $this->indexData["service_description"], PDO::PARAM_STR);
+                $statement->execute();
+                $meta = $statement->fetch();
                 $this->templateId = $meta["graph_id"];
                 unset($meta);
             }
@@ -1149,14 +1151,14 @@ private function getServiceGraphID()
         $service_id = $this->indexData["service_id"];
 
         $tab = array();
-        while (1) {
-            $DBRESULT = $this->DB->query(
-                "SELECT esi.graph_id, service_template_model_stm_id
+        $statement = $this->DB->prepare("SELECT esi.graph_id, service_template_model_stm_id
                     FROM service
                     LEFT JOIN extended_service_information esi ON esi.service_service_id = service_id
-                    WHERE service_id = '" . $service_id . "' LIMIT 1"
-            );
-            $row = $DBRESULT->fetch();
+                    WHERE service_id = :service_id LIMIT 1");
+        while (1) {
+            $statement->bindValue(':service_id', (int) $service_id, \PDO::PARAM_INT);
+            $statement->execute();
+            $row = $statement->fetch();
             if ($row["graph_id"]) {
                 $this->graphID = $row["graph_id"];
                 return $this->graphID;