Security: SQL-escape user IP before inserting into the database

1.10.x
Yannick Warnier 8 years ago
parent f6a4a70817
commit e150372d52
  1. 8
      main/inc/lib/events.lib.php
  2. 2
      main/inc/local.inc.php

@ -40,7 +40,7 @@ class Event
} // don't change this } // don't change this
$reallyNow = api_get_utc_datetime(); $reallyNow = api_get_utc_datetime();
$params = [ $params = [
'open_remote_host' => $remhost, 'open_remote_host' => Database::escape_string($remhost),
'open_agent' => $_SERVER['HTTP_USER_AGENT'], 'open_agent' => $_SERVER['HTTP_USER_AGENT'],
'open_referer' => $referer, 'open_referer' => $referer,
'open_date' => $reallyNow, 'open_date' => $reallyNow,
@ -108,7 +108,7 @@ class Event
$now = api_get_utc_datetime(); $now = api_get_utc_datetime();
$courseId = api_get_course_int_id(); $courseId = api_get_course_int_id();
$user_id = api_get_user_id(); $user_id = api_get_user_id();
$ip = api_get_real_ip(); $ip = Database::escape_string(api_get_real_ip());
if ($user_id) { if ($user_id) {
$user_id = "'".$user_id."'"; $user_id = "'".$user_id."'";
@ -181,7 +181,7 @@ class Event
'access_tool' => $tool, 'access_tool' => $tool,
'access_date' => $reallyNow, 'access_date' => $reallyNow,
'access_session_id' => $id_session, 'access_session_id' => $id_session,
'user_ip' => api_get_real_ip() 'user_ip' => Database::escape_string(api_get_real_ip())
]; ];
Database::insert($TABLETRACK_ACCESS, $params); Database::insert($TABLETRACK_ACCESS, $params);
} }
@ -1748,7 +1748,7 @@ class Event
$courseId = intval($courseId); $courseId = intval($courseId);
$user_id = intval($user_id); $user_id = intval($user_id);
$session_id = intval($session_id); $session_id = intval($session_id);
$ip = api_get_real_ip(); $ip = Database::escape_string(api_get_real_ip());
$sql = "INSERT INTO $course_tracking_table(c_id, user_ip, user_id, login_course_date, logout_course_date, counter, session_id) $sql = "INSERT INTO $course_tracking_table(c_id, user_ip, user_id, login_course_date, logout_course_date, counter, session_id)
VALUES('".$courseId."', '".$ip."', '".$user_id."', '$loginDate', '$logoutDate', $counter, '".$session_id."')"; VALUES('".$courseId."', '".$ip."', '".$user_id."', '$loginDate', '$logoutDate', $counter, '".$session_id."')";
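Review bot: The `$params` array in the first hunk still hands `$_SERVER['HTTP_USER_AGENT']` and `$referer` to `Database::insert()` unescaped, while `$remhost` on the line above now goes through `Database::escape_string()`; both are request-header values under the client's control, so if `Database::insert()` does not escape its values itself — which the change to `$remhost` implies — they need the same treatment, `'open_agent' => Database::escape_string($_SERVER['HTTP_USER_AGENT'])` and `'open_referer' => Database::escape_string($referer)`. The hunk headed `@ -181` has the same shape: `$tool` and `$id_session` are inserted as-is, which is only safe if they never originate from request input. In the hunk headed `@ -1748` the INSERT is still built by string interpolation and `$counter` is interpolated without quotes, so escaping `$ip` is a stopgap; a prepared statement, or `Database::insert()` with a parameter array as the other hunks use, would remove the whole class of bug instead of one instance. The enclosing methods start and end outside these hunks.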

@ -892,7 +892,7 @@ if (!isset($_SESSION['login_as'])) {
session_id = ".api_get_session_id(); session_id = ".api_get_session_id();
Database::query($sql); Database::query($sql);
} else { } else {
$ip = api_get_real_ip(); $ip = Database::escape_string(api_get_real_ip());
$sql = "INSERT INTO $course_tracking_table (c_id, user_ip, user_id, login_course_date, logout_course_date, counter, session_id) $sql = "INSERT INTO $course_tracking_table (c_id, user_ip, user_id, login_course_date, logout_course_date, counter, session_id)
VALUES('".$_course['real_id']."', '".$ip."', '".$_user['user_id']."', '$time', '$time', '1','".api_get_session_id()."')"; VALUES('".$_course['real_id']."', '".$ip."', '".$_user['user_id']."', '$time', '$time', '1','".api_get_session_id()."')";
Database::query($sql); Database::query($sql);
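Review bot: In the `else` branch the INSERT is still assembled by string concatenation, and `$_course['real_id']`, `$_user['user_id']`, `$time` and `api_get_session_id()` are interpolated without escaping or casting, so escaping `$ip` alone narrows one input rather than closing the injection surface. If those values are session-derived they are probably safe today, but casting them — `'".intval($_course['real_id'])."'` and `'".intval($_user['user_id'])."'` — makes that explicit and mirrors the `intval()` casts visible in the events.lib.php hunk headed `@ -1748`. Per-variable escaping is also easy to miss at the next call site, so the durable fix is a prepared statement or `Database::insert()` with a parameter array. The enclosing `if (!isset($_SESSION['login_as']))` block starts outside the hunk.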
