Security issue - Adding security::remove_XSS, intval and escape_string functions

15 years ago · 878c7a806c
parent ecfdef6f3f
commit 878c7a806c
3 changed files with 5 additions and 5 deletions
--- a/main/gradebook/gradebook_add_user.php
+++ b/main/gradebook/gradebook_add_user.php
@ -26,8 +26,8 @@ $add_user_form= new EvalForm(EvalForm :: TYPE_ADD_USERS_TO_EVAL,
 							 null,
 							 'add_users_to_evaluation',
 							 null,
-							 api_get_self() . '?selecteval=' . $_GET['selecteval'],
-							 $_GET['firstletter'],
+							 api_get_self() . '?selecteval=' . Security::remove_XSS($_GET['selecteval']),
+							 Security::remove_XSS($_GET['firstletter']),
 							 $newstudents);

 if ( isset($_POST['submit_button']) ) {
--- a/main/gradebook/gradebook_edit_eval.php
+++ b/main/gradebook/gradebook_edit_eval.php
@ -10,7 +10,7 @@ api_block_anonymous_users();
 block_students();

 $evaledit = Evaluation :: load($_GET['editeval']);
-$form = new EvalForm(EvalForm :: TYPE_EDIT, $evaledit[0], null, 'edit_eval_form',null,api_get_self() . '?editeval=' . $_GET['editeval']);
+$form = new EvalForm(EvalForm :: TYPE_EDIT, $evaledit[0], null, 'edit_eval_form',null,api_get_self() . '?editeval=' . Security::remove_XSS($_GET['editeval']));
 if ($form->validate()) {
 	$values = $form->exportValues();
 	$eval = new Evaluation();
--- a/main/gradebook/lib/be/attendancelink.class.php
+++ b/main/gradebook/lib/be/attendancelink.class.php
@ -224,7 +224,7 @@ class AttendanceLink extends AbstractLink
   		$session_id = api_get_session_id();
   		if ($tbl_name != '') {
    	$sql = 'SELECT * FROM '.$this->get_attendance_table().' att
-    			WHERE att.id = '.$this->get_ref_id().' AND att.session_id = '.$session_id.' ';
+    			WHERE att.id = '.intval($this->get_ref_id()).' AND att.session_id = '.intval($session_id).' ';
 		$result = Database::query($sql);
 		$row    = Database::fetch_array($result,'ASSOC');
 		$attendance_id = $row['id'];
@ -239,7 +239,7 @@ class AttendanceLink extends AbstractLink
 		if ($tbl_name == '') {
 			return false;
 		} elseif (!isset($this->attendance_data)) {
-			$sql = 'SELECT * FROM '.$this->get_attendance_table().' att WHERE att.id = '.$this->get_ref_id().' AND att.session_id='.$session_id.'';
+			$sql = 'SELECT * FROM '.$this->get_attendance_table().' att WHERE att.id = '.intval($this->get_ref_id()).' AND att.session_id='.intval($session_id).'';
 			$query = Database::query($sql);
 			$this->attendance_data = Database::fetch_array($query);
    	}