mirror/librenms-librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-10-07 16:52:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Enforce sanity before returning from database

Browse Source
This commit is contained in:
f0o
2016-02-10 13:52:43 +00:00
parent 37dccb3932
commit a6bca987bf
4 changed files with 15 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
html/includes/vars.inc.php
View File

@@ -23,7 +23,7 @@ else {
foreach ($segments as $pos => $segment) { foreach ($segments as $pos => $segment) {
$segment = urldecode($segment); $segment = urldecode($segment);
if ($pos == '0') { if ($pos == '0') {
$vars['page'] =htmlentities( $segment); $vars['page'] = htmlentities($segment);
} }
else { else {
list($name, $value) = explode('=', $segment); list($name, $value) = explode('=', $segment);

10
includes/common.php
View File

@@ -1255,3 +1255,13 @@ function get_port_id ($ports_mapped, $port, $port_association_mode) {
return $port_id; return $port_id;
} }
/**
* Sanitize
* @param mixed $item Reference to Item
* @param mixed $key Key
* @return void
*/
function sanitize_array(&$item, $key) {
$item = htmlentities($item);
}

2
includes/dbFacile.mysql.php
View File

@@ -266,6 +266,7 @@ function dbFetchRows($sql, $parameters=array(), $nocache=false) {
if ($config['memcached']['enable'] && $nocache === false) { if ($config['memcached']['enable'] && $nocache === false) {
$config['memcached']['resource']->set(hash('sha512',$sql.'|'.serialize($parameters)),$rows,$config['memcached']['ttl']); $config['memcached']['resource']->set(hash('sha512',$sql.'|'.serialize($parameters)),$rows,$config['memcached']['ttl']);
} }
array_walk_recursive($rows,'sanitize_array');
return $rows; return $rows;
} }
@@ -333,6 +334,7 @@ function dbFetchRow($sql=null, $parameters=array(), $nocache=false) {
if ($config['memcached']['enable'] && $nocache === false) { if ($config['memcached']['enable'] && $nocache === false) {
$config['memcached']['resource']->set(hash('sha512',$sql.'|'.serialize($parameters)),$row,$config['memcached']['ttl']); $config['memcached']['resource']->set(hash('sha512',$sql.'|'.serialize($parameters)),$row,$config['memcached']['ttl']);
} }
array_walk_recursive($row,'sanitize_array');
return $row; return $row;
} }
else { else {

2
includes/dbFacile.mysqli.php
View File

@@ -267,6 +267,7 @@ function dbFetchRows($sql, $parameters=array(), $nocache=false) {
if ($config['memcached']['enable'] && $nocache === false) { if ($config['memcached']['enable'] && $nocache === false) {
$config['memcached']['resource']->set(hash('sha512',$sql.'|'.serialize($parameters)),$rows,$config['memcached']['ttl']); $config['memcached']['resource']->set(hash('sha512',$sql.'|'.serialize($parameters)),$rows,$config['memcached']['ttl']);
} }
array_walk_recursive($rows,'sanitize_array');
return $rows; return $rows;
} }
@@ -334,6 +335,7 @@ function dbFetchRow($sql=null, $parameters=array(), $nocache=false) {
if ($config['memcached']['enable'] && $nocache === false) { if ($config['memcached']['enable'] && $nocache === false) {
$config['memcached']['resource']->set(hash('sha512',$sql.'|'.serialize($parameters)),$row,$config['memcached']['ttl']); $config['memcached']['resource']->set(hash('sha512',$sql.'|'.serialize($parameters)),$row,$config['memcached']['ttl']);
} }
array_walk_recursive($row,'sanitize_array');
return $row; return $row;
} }
else { else {