From e985a862d062ebe3f52e8c889d37cb87f425949c Mon Sep 17 00:00:00 2001
From: schapron
Date: Wed, 30 Oct 2019 09:56:31 +0100
Subject: [PATCH 1/3] style

---
 .../status/ServicesHostGroups/xml/serviceGridByHGXML.php | 4 +---
 .../ServicesHostGroups/xml/serviceSummaryByHGXML.php | 8 +++-----
 2 files changed, 4 insertions(+), 8 deletions(-)

diff --git a/www/include/monitoring/status/ServicesHostGroups/xml/serviceGridByHGXML.php b/www/include/monitoring/status/ServicesHostGroups/xml/serviceGridByHGXML.php
index 2a7969bf252..44ebc009810 100644
--- a/www/include/monitoring/status/ServicesHostGroups/xml/serviceGridByHGXML.php
+++ b/www/include/monitoring/status/ServicesHostGroups/xml/serviceGridByHGXML.php
@@ -33,9 +33,7 @@
 *
 */
 
-require_once realpath(__DIR__ . "/../../../../../../config/centreon.config.php");
 require_once realpath(__DIR__ . "/../../../../../../bootstrap.php");
-
 include_once _CENTREON_PATH_ . "www/class/centreonUtils.class.php";
 include_once _CENTREON_PATH_ . "www/class/centreonXMLBGRequest.class.php";
 include_once _CENTREON_PATH_ . "www/include/monitoring/status/Common/common-Func.php";
@@ -47,7 +45,7 @@
 $obj = new CentreonXMLBGRequest($dependencyInjector, session_id(), 1, 1, 0, 1);
 $svcObj = new CentreonService($obj->DB);
 
-if (!isset($obj->session_id) && !CentreonSession::checkSession($obj->session_id, $obj->DB)) {
+if (!isset($obj->session_id) || !CentreonSession::checkSession($obj->session_id, $obj->DB)) {
 print "Bad Session ID";
 exit();
 }
diff --git a/www/include/monitoring/status/ServicesHostGroups/xml/serviceSummaryByHGXML.php b/www/include/monitoring/status/ServicesHostGroups/xml/serviceSummaryByHGXML.php
index 8e005e87bb5..778ef94f083 100644
--- a/www/include/monitoring/status/ServicesHostGroups/xml/serviceSummaryByHGXML.php
+++ b/www/include/monitoring/status/ServicesHostGroups/xml/serviceSummaryByHGXML.php
@@ -1,5 +1,4 @@ (int) $instance + PDO::PARAM_INT => (int)$instance ]; }
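Review bot: The corrected guard on the `if` line now rejects a request whose session fails `CentreonSession::checkSession`, but it still answers with HTTP 200 and a bare `Bad Session ID` body, which the caller of this XML endpoint presumably tries to parse as a document; set the status before printing, `http_response_code(403);`, so clients and log scrapers can tell an authentication failure from data. The sibling file serviceSummaryByHGXML.php in this series is not shown at its own session check, so it is worth confirming the same `&&` short-circuit is not still there. The script continues outside the hunk.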
@@ -133,10 +131,10 @@
 PDO::PARAM_STR => $sort_type
 ];
 $queryValues[':numLimit'] = [
- PDO::PARAM_INT => (int) ($num * $limit)
+ PDO::PARAM_INT => (int)($num * $limit)
 ];
 $queryValues[':limit'] = [
- PDO::PARAM_INT => (int) $limit
+ PDO::PARAM_INT => (int)$limit
 ];
 $DBRESULT = $obj->DBC->prepare($rq1);

From 01f8bdc0f3bddbd7086e808ce509cf33a3959c26 Mon Sep 17 00:00:00 2001
From: schapron
Date: Wed, 30 Oct 2019 10:01:15 +0100
Subject: [PATCH 2/3] fix(secu): sanitize or remove unused params in serviceSummaryBYHGXML file

---
 .../xml/serviceSummaryByHGXML.php | 35 ++++++++++++-------
 1 file changed, 23 insertions(+), 12 deletions(-)

diff --git a/www/include/monitoring/status/ServicesHostGroups/xml/serviceSummaryByHGXML.php b/www/include/monitoring/status/ServicesHostGroups/xml/serviceSummaryByHGXML.php
index 778ef94f083..10ddafb74f4 100644
--- a/www/include/monitoring/status/ServicesHostGroups/xml/serviceSummaryByHGXML.php
+++ b/www/include/monitoring/status/ServicesHostGroups/xml/serviceSummaryByHGXML.php
@@ -52,20 +52,31 @@
 $obj->getDefaultFilters();
 // Check Arguments From GET tab
-$o = $obj->checkArgument("o", $_GET, "h");
-$p = $obj->checkArgument("p", $_GET, "2");
-$hg = $obj->checkArgument("hg", $_GET, "");
-$num = $obj->checkArgument("num", $_GET, 0);
-$limit = $obj->checkArgument("limit", $_GET, 20);
-$instance = $obj->checkArgument("instance", $_GET, $obj->defaultPoller);
-$hostgroup = $obj->checkArgument("hg_search", $_GET, "");
-$search = $obj->checkArgument("search", $_GET, "");
-$sort_type = $obj->checkArgument("sort_type", $_GET, "alias");
-$order = $obj->checkArgument("order", $_GET, "ASC");
-$dateFormat = $obj->checkArgument("date_time_format_status", $_GET, "Y/m/d H:i:s");
+$o = filter_input(INPUT_GET, 'o', FILTER_SANITIZE_STRING, array('options' => array('default' => 'h')));
+$p = filter_input(INPUT_GET, 'p', FILTER_VALIDATE_INT, array('options' => array('default' => 2)));
+$num = filter_input(INPUT_GET, 'num', FILTER_VALIDATE_INT, array('options' => array('default' => 0)));
+$limit = filter_input(INPUT_GET, 'limit', FILTER_VALIDATE_INT, array('options' => array('default' => 20)));
+//if instance value is not set, displaying all active pollers linked resources
+$instance = filter_var($obj->defaultPoller ?? -1, FILTER_VALIDATE_INT);
+$hostgroup = filter_input(INPUT_GET, 'hg_search', FILTER_SANITIZE_STRING, array('options' => array('default' => '')));
+$search = filter_input(INPUT_GET, 'search', FILTER_SANITIZE_STRING, array('options' => array('default' => '')));
+$sort_type = filter_input(
+ INPUT_GET,
+ 'sort_type',
+ FILTER_SANITIZE_STRING,
+ array('options' => array('default' => 'alias'))
+);
+$order = filter_input(
+ INPUT_GET,
+ 'order',
+ FILTER_VALIDATE_REGEXP,
+ array('options' => array('default' => 'ASC', 'regexp' => '/^(ASC|DESC)$/'))
+);
 
 $grouplistStr = $obj->access->getAccessGroupsString();
 
-$queryValues = array();
+//saving bound values
+$queryValues = [];
+
 // Get Host status
 $rq1 = "SELECT SQL_CALC_FOUND_ROWS DISTINCT h.name AS host_name, hg.name AS hgname, hgm.hostgroup_id, h.host_id, " .
 "h.state, h.icon_image FROM hostgroups hg, hosts_hostgroups hgm, hosts h ";

From 545b2aba00db5c2bae9450da208041f142138635 Mon Sep 17 00:00:00 2001
From: schapron
Date: Wed, 30 Oct 2019 10:06:35 +0100
Subject: [PATCH 3/3] fix(secu): sanitize or remove unused params in serviceGridBYHGXML file

---
 .../xml/serviceGridByHGXML.php | 35 ++++++++++++-------
 1 file changed, 23 insertions(+), 12 deletions(-)

diff --git a/www/include/monitoring/status/ServicesHostGroups/xml/serviceGridByHGXML.php b/www/include/monitoring/status/ServicesHostGroups/xml/serviceGridByHGXML.php
index 44ebc009810..ff8ebeb3e1c 100644
--- a/www/include/monitoring/status/ServicesHostGroups/xml/serviceGridByHGXML.php
+++ b/www/include/monitoring/status/ServicesHostGroups/xml/serviceGridByHGXML.php
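Review bot: `$sort_type` is the one value in this hunk that FILTER_SANITIZE_STRING does not actually constrain — it only strips tags and HTML-encodes quotes — and the earlier hunk of this file shows it bound as `PDO::PARAM_STR => $sort_type`; if that binding sits in an ORDER BY (not visible here) a bound string orders by a constant, and if the name is instead interpolated it is an injection point, so validate it against an allowlist with FILTER_VALIDATE_REGEXP exactly as `order` is, with the accepted column names confirmed against the query outside this hunk. `$num` and `$limit` accept negative integers, and the same earlier hunk feeds `(int)($num * $limit)` and `(int)$limit` into bound LIMIT values, so add `'min_range' => 0` and `'min_range' => 1` respectively (an out-of-range value then falls back to the default). Note also that FILTER_SANITIZE_STRING turns `'` and `"` in `$search`/`$hostgroup` into `&#39;`/`&#34;`, so a search containing a quote will no longer match its stored value, and the filter is deprecated from PHP 8.1; FILTER_FLAG_NO_ENCODE_QUOTES, or a plain string cast with the value kept as a bound parameter, avoids that. The query construction that consumes these variables is outside the hunk.
```php
// … unchanged: $o, $p …
$num = filter_input(INPUT_GET, 'num', FILTER_VALIDATE_INT, array('options' => array('default' => 0, 'min_range' => 0)));
$limit = filter_input(INPUT_GET, 'limit', FILTER_VALIDATE_INT, array('options' => array('default' => 20, 'min_range' => 1)));
// … unchanged: $instance, $hostgroup, $search …
$sort_type = filter_input(
    INPUT_GET,
    'sort_type',
    FILTER_VALIDATE_REGEXP,
    // TODO(review): confirm the accepted column names against the ORDER BY clause below
    array('options' => array('default' => 'alias', 'regexp' => '/^(alias|host_name)$/'))
);
// … unchanged: $order, $grouplistStr, $queryValues …
```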
@@ -61,20 +61,31 @@
 $obj->getDefaultFilters();
 // Check Arguments From GET tab
-$o = $obj->checkArgument("o", $_GET, "h");
-$p = $obj->checkArgument("p", $_GET, "2");
-$hg = $obj->checkArgument("hg", $_GET, "");
-$num = $obj->checkArgument("num", $_GET, 0);
-$limit = $obj->checkArgument("limit", $_GET, 20);
-$instance = $obj->checkArgument("instance", $_GET, $obj->defaultPoller);
-$hostgroup = $obj->checkArgument("hg_search", $_GET, "");
-$search = $obj->checkArgument("search", $_GET, "");
-$sort_type = $obj->checkArgument("sort_type", $_GET, "host_name");
-$order = $obj->checkArgument("order", $_GET, "ASC");
-$dateFormat = $obj->checkArgument("date_time_format_status", $_GET, "Y/m/d H:i:s");
+$o = filter_input(INPUT_GET, 'o', FILTER_SANITIZE_STRING, array('options' => array('default' => 'h')));
+$p = filter_input(INPUT_GET, 'p', FILTER_VALIDATE_INT, array('options' => array('default' => 2)));
+$num = filter_input(INPUT_GET, 'num', FILTER_VALIDATE_INT, array('options' => array('default' => 0)));
+$limit = filter_input(INPUT_GET, 'limit', FILTER_VALIDATE_INT, array('options' => array('default' => 20)));
+//if instance value is not set, displaying all active pollers linked resources
+$instance = filter_var($obj->defaultPoller ?? -1, FILTER_VALIDATE_INT);
+$hostgroup = filter_input(INPUT_GET, 'hg_search', FILTER_SANITIZE_STRING, array('options' => array('default' => '')));
+$search = filter_input(INPUT_GET, 'search', FILTER_SANITIZE_STRING, array('options' => array('default' => '')));
+$sort_type = filter_input(
+ INPUT_GET,
+ 'sort_type',
+ FILTER_SANITIZE_STRING,
+ array('options' => array('default' => 'host_name'))
+);
+$order = filter_input(
+ INPUT_GET,
+ 'order',
+ FILTER_VALIDATE_REGEXP,
+ array('options' => array('default' => 'ASC', 'regexp' => '/^(ASC|DESC)$/'))
+);
 
 $grouplistStr = $obj->access->getAccessGroupsString();
 
-$queryValues = array();
+//saving bound values
+$queryValues = [];
+
 //Get Host status
 $rq1 = "SELECT SQL_CALC_FOUND_ROWS DISTINCT hg.name AS alias, h.host_id id, h.name AS host_name, hgm.hostgroup_id, " .
 "h.state hs, h.icon_image " .
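Review bot: The `$sort_type` filter in this hunk is the weak spot: FILTER_SANITIZE_STRING only strips tags and encodes quotes, so any column expression still reaches whatever ORDER BY consumes it later in the file (outside the hunk), and a sort column cannot be made safe by binding it as a parameter either — restrict it to the aliases the query actually exposes, e.g. `alias` and `host_name` from the `$rq1` SELECT just below, using FILTER_VALIDATE_REGEXP like `order`. `$num` and `$limit` should also reject negatives via `'min_range'`, since they become LIMIT operands, and FILTER_SANITIZE_STRING will rewrite quotes in `$search`/`$hostgroup` to HTML entities before they are compared against database values, which silently breaks such searches and is deprecated from PHP 8.1. Confirm the allowlisted names against the full ORDER BY before merging.
```php
// … unchanged: $o, $p …
$num = filter_input(INPUT_GET, 'num', FILTER_VALIDATE_INT, array('options' => array('default' => 0, 'min_range' => 0)));
$limit = filter_input(INPUT_GET, 'limit', FILTER_VALIDATE_INT, array('options' => array('default' => 20, 'min_range' => 1)));
// … unchanged: $instance, $hostgroup, $search …
$sort_type = filter_input(
    INPUT_GET,
    'sort_type',
    FILTER_VALIDATE_REGEXP,
    // TODO(review): confirm the accepted column names against the ORDER BY clause below
    array('options' => array('default' => 'host_name', 'regexp' => '/^(host_name|alias)$/'))
);
// … unchanged: $order, $grouplistStr, $queryValues, $rq1 …
```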