chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Security issue - Adding security::remove_XSS, intval and escape_string functions

Browse Source
skala
Julio Montoya 15 years ago
parent ecfdef6f3f
commit 878c7a806c
3 changed files with 5 additions and 5 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 4
      main/gradebook/gradebook_add_user.php
  2. 2
      main/gradebook/gradebook_edit_eval.php
  3. 4
      main/gradebook/lib/be/attendancelink.class.php

4
main/gradebook/gradebook_add_user.php
Unescape View File

@ -26,8 +26,8 @@ $add_user_form= new EvalForm(EvalForm :: TYPE_ADD_USERS_TO_EVAL,
null, null,
'add_users_to_evaluation', 'add_users_to_evaluation',
null, null,
api_get_self() . '?selecteval=' . $_GET['selecteval'], api_get_self() . '?selecteval=' . Security::remove_XSS($_GET['selecteval']),
$_GET['firstletter'], Security::remove_XSS($_GET['firstletter']),
$newstudents); $newstudents);
if ( isset($_POST['submit_button']) ) { if ( isset($_POST['submit_button']) ) {

2
main/gradebook/gradebook_edit_eval.php
Unescape View File

@ -10,7 +10,7 @@ api_block_anonymous_users();
block_students(); block_students();
$evaledit = Evaluation :: load($_GET['editeval']); $evaledit = Evaluation :: load($_GET['editeval']);
$form = new EvalForm(EvalForm :: TYPE_EDIT, $evaledit[0], null, 'edit_eval_form',null,api_get_self() . '?editeval=' . $_GET['editeval']); $form = new EvalForm(EvalForm :: TYPE_EDIT, $evaledit[0], null, 'edit_eval_form',null,api_get_self() . '?editeval=' . Security::remove_XSS($_GET['editeval']));
if ($form->validate()) { if ($form->validate()) {
$values = $form->exportValues(); $values = $form->exportValues();
$eval = new Evaluation(); $eval = new Evaluation();

4
main/gradebook/lib/be/attendancelink.class.php
Unescape View File

@ -224,7 +224,7 @@ class AttendanceLink extends AbstractLink
$session_id = api_get_session_id(); $session_id = api_get_session_id();
if ($tbl_name != '') { if ($tbl_name != '') {
$sql = 'SELECT * FROM '.$this->get_attendance_table().' att $sql = 'SELECT * FROM '.$this->get_attendance_table().' att
WHERE att.id = '.$this->get_ref_id().' AND att.session_id = '.$session_id.' '; WHERE att.id = '.intval($this->get_ref_id()).' AND att.session_id = '.intval($session_id).' ';
$result = Database::query($sql); $result = Database::query($sql);
$row = Database::fetch_array($result,'ASSOC'); $row = Database::fetch_array($result,'ASSOC');
$attendance_id = $row['id']; $attendance_id = $row['id'];
@ -239,7 +239,7 @@ class AttendanceLink extends AbstractLink
if ($tbl_name == '') { if ($tbl_name == '') {
return false; return false;
} elseif (!isset($this->attendance_data)) { } elseif (!isset($this->attendance_data)) {
$sql = 'SELECT * FROM '.$this->get_attendance_table().' att WHERE att.id = '.$this->get_ref_id().' AND att.session_id='.$session_id.''; $sql = 'SELECT * FROM '.$this->get_attendance_table().' att WHERE att.id = '.intval($this->get_ref_id()).' AND att.session_id='.intval($session_id).'';
$query = Database::query($sql); $query = Database::query($sql);
$this->attendance_data = Database::fetch_array($query); $this->attendance_data = Database::fetch_array($query);
} }

Write Preview
Loading…
Cancel
Save