Security issue: intval function added

skala
Julio Montoya 16 years ago
parent 609abba08a
commit 616eb89aa9
  1. 27
      main/calendar/agenda.inc.php

@ -1649,22 +1649,21 @@ function store_edited_agenda_item($id_attach,$file_comment)
*/ */
function save_edit_agenda_item($id,$title,$content,$start_date,$end_date) function save_edit_agenda_item($id,$title,$content,$start_date,$end_date)
{ {
$TABLEAGENDA = Database::get_course_table(TABLE_AGENDA); $TABLEAGENDA= Database::get_course_table(TABLE_AGENDA);
$id=Database::escape_string($id); $id = Database::escape_string($id);
$title=Database::escape_string(Security::remove_XSS($title)); $title = Database::escape_string(Security::remove_XSS($title));
$content=stripslashes($content); $content = Database::escape_string(Security::remove_XSS($content,COURSEMANAGERLOWSECURITY));
$content = Database::escape_string(Security::remove_XSS($content,COURSEMANAGERLOWSECURITY)); $start_date = Database::escape_string($start_date);
$start_date=Database::escape_string($start_date); $end_date = Database::escape_string($end_date);
$end_date=Database::escape_string($end_date);
// store the modifications in the table calendar_event // store the modifications in the table calendar_event
$sql = "UPDATE ".$TABLEAGENDA." $sql = "UPDATE ".$TABLEAGENDA."
SET title='".$title."', SET title ='".$title."',
content='".$content."', content ='".$content."',
start_date='".$start_date."', start_date ='".$start_date."',
end_date='".$end_date."' end_date ='".$end_date."'
WHERE id='".$id."'"; WHERE id='".$id."'";
$result = Database::query($sql) or die (Database::error()); $result = Database::query($sql);
return true; return true;
} }
@ -1687,7 +1686,7 @@ function delete_agenda_item($id)
{ {
$t_agenda = Database::get_course_table(TABLE_AGENDA); $t_agenda = Database::get_course_table(TABLE_AGENDA);
$t_agenda_r = Database::get_course_table(TABLE_AGENDA_REPEAT); $t_agenda_r = Database::get_course_table(TABLE_AGENDA_REPEAT);
$id=(int)addslashes($_GET['id']); $id=intval($_GET['id']);
$sql = "SELECT * FROM $t_agenda_r WHERE cal_id = $id"; $sql = "SELECT * FROM $t_agenda_r WHERE cal_id = $id";
$res = Database::query($sql); $res = Database::query($sql);
if(Database::num_rows($res)>0) if(Database::num_rows($res)>0)
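Review bot: The new `$id=intval($_GET['id']);` in delete_agenda_item still overwrites the `$id` parameter the function is declared with, so the row deleted is always whatever the request names and a caller passing a different id silently operates on the wrong item; when `$_GET['id']` is absent, intval of the missing index yields 0 and the query runs for `cal_id = 0`. Prefer `$id = intval($id);` and let the caller read the request, or, if the request fallback is intended, `$id = isset($_GET['id']) ? intval($_GET['id']) : intval($id);`. delete_agenda_item's body continues past the end of the hunk. In the first hunk, `$result = Database::query($sql);` is no longer checked now that the `or die` is gone, so save_edit_agenda_item returns true even when the UPDATE fails; if Database::query signals failure through its return value, return that instead of the unconditional `return true;`.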
