Skip to content
This repository has been archived by the owner on Dec 13, 2022. It is now read-only.

fix(secu): sql injections in the service by hostgroups and servicegroups pages #7267

Merged
merged 5 commits into from
Mar 26, 2019
Merged

fix(secu): sql injections in the service by hostgroups and servicegroups pages #7267

merged 5 commits into from
Mar 26, 2019

Conversation

sc979
Copy link
Contributor

@sc979 sc979 commented Mar 11, 2019
edited
Loading

Fix SQL injection

Description

Restore the hostgroup select in the service by hostgroup page
Change the hostgroup select with a select2 (multiple false)
Fix SQL injections in services by hostgroup page
Fix SQL injections in services by servicegroup page

Fixes # (issue): None

Type of change

  • Patch fixing an issue (non-breaking change)

Target serie

  • 18.10.x
  • 19.04.x (master)

How this pull request can be tested ?

Please contact me in private

Checklist

Community contributors & Centreon team
  • I followed the coding style guidelines provided by Centreon
  • I have commented my code, especially new classes, functions or any legacy code modified. (docblock)
  • I have commented my code, especially hard-to-understand areas of the PR.
  •  I have rebased my development branch on the base branch (master, maintenance).
  • I have made sure that the unit tests related to the story are successful.
  • I have made sure that unit tests covers 80% of the code written for the story.
  • I have made sure that acceptance tests related to the story are successful (local and CI)

@sc979 sc979 force-pushed the MON-3292-fix-sql-injection-servicehostgroups branch from 09d5ba3 to 79f9244 Compare March 12, 2019 08:34
@sc979 sc979 changed the title Mon 3292 fix sql injection servicehostgroups fix(secu): sql injections in the service by hostgroups and servicegroups pages Mar 13, 2019
@sc979 sc979 force-pushed the MON-3292-fix-sql-injection-servicehostgroups branch from d354979 to da0a770 Compare March 13, 2019 08:31
@sc979 sc979 force-pushed the MON-3292-fix-sql-injection-servicehostgroups branch from da0a770 to 07f83e3 Compare March 13, 2019 08:47
@sc979 sc979 force-pushed the MON-3292-fix-sql-injection-servicehostgroups branch from 07f83e3 to 85d031d Compare March 13, 2019 12:49
@sc979 sc979 requested a review from kduret March 19, 2019 11:03
@sc979 sc979 merged commit f8f0163 into 18.10.x Mar 26, 2019
sc979 added a commit that referenced this pull request Mar 26, 2019
@sc979
fix(secu): sql injections in the service by hostgroups and servicegro…
b46f7cf 
…ups pages (#7267)

* style: clean and remove dead code

* fix(DB): protect pages against SQL injection in services by hg or sg

* style and indentation
@sc979 sc979 deleted the MON-3292-fix-sql-injection-servicehostgroups branch March 26, 2019 15:00
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@jdelpierre jdelpierre jdelpierre approved these changes

@callapa callapa callapa approved these changes

@kduret kduret Awaiting requested review from kduret

Assignees
No one assigned
Labels
kind/bug kind/enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@sc979 @callapa @kduret @jdelpierre @lpinsivy