mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

webui: Allow full search on devices page (#8364)

Browse Source 
* Update devices.inc.php

* Update devices.inc.php

* Replace $_POST with $vars

Better protection for SQL injection attempts; Need to verify other files for same issue.

* Fixed whitespace.

*sigh*

* More search options & sql injection fixes.

+Allow full search on devices page;
+Allow sysName search on alertlog page;
+Allow sysName search on alerts page;
+Allow sysName search on eventlog page;
+Allow sysName search on poll-log page;
+Allow sysName search on ports page;

*Replaced all occurrences of $_POST with $vars in librenms/html/includes/table. ($vars are sanity-checked).

* Whitespace fix

* Fixed $where & $param

* Add files via upload

* Whitespaces....

Sometimes you want'em, sometimes you hate'em.
This commit is contained in:
Maurice den Braber
2018-03-25 22:50:09 +02:00
committed by Neil Lathwood
parent 2044f9bd14
commit 9f5b42b028
32 changed files with 195 additions and 195 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
html/includes/table/mempool-edit.inc.php
View File

@@ -1,6 +1,6 @@
<?php
$device_id = mres($_POST['device_id']);
$device_id = mres($vars['device_id']);
$sql = " FROM `mempools` AS `M` LEFT JOIN `devices` AS `D` ON `M`.`device_id` = `D`.`device_id` WHERE `D`.`device_id`=?";
$param[] = $device_id;