| author | hugetoad <hugetoad@97f52cf1-0a1b-0410-bd0e-c28be96e8082> | 2006-02-02 06:37:42 +0000 |
|---|---|---|
| committer | hugetoad <hugetoad@97f52cf1-0a1b-0410-bd0e-c28be96e8082> | 2006-02-02 06:37:42 +0000 |
| commit | 6baf1bdda009c10acadac93035e38d2c431ca324 (patch) | |
| tree | 23b4b96974ed388574da5560a7b51588b9ee3941 /frontends/php/include/config.inc.php | |
| parent | bf94a21c0a8d09d4da1f0c8ee0fe851a0053c6b2 (diff) | |
- GUI made immune to SQL injection attacks (Alexei)
git-svn-id: svn://svn.zabbix.com/trunk@2600 97f52cf1-0a1b-0410-bd0e-c28be96e8082
Diffstat (limited to 'frontends/php/include/config.inc.php')
| -rw-r--r-- | frontends/php/include/config.inc.php | 57 |
1 files changed, 28 insertions, 29 deletions
diff --git a/frontends/php/include/config.inc.php b/frontends/php/include/config.inc.php
index db004fbf..f1be42c9 100644
--- a/frontends/php/include/config.inc.php
+++ b/frontends/php/include/config.inc.php
@@ -332,7 +332,7 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 }
 # default_permission
- $sql="select permission from rights where name='$right' and id!=0 and userid=".$USER_DETAILS["userid"];
+ $sql="select permission from rights where name='".zbx_ads($right)."' and id!=0 and userid=".$USER_DETAILS["userid"];
 $result=DBselect($sql);
 $all_permissions="";
@@ -422,7 +422,7 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 }
 # default_permission
- $sql="select permission from rights where name='$right' and id=0 and userid=".$USER_DETAILS["userid"];
+ $sql="select permission from rights where name='".zbx_ads($right)."' and id=0 and userid=".$USER_DETAILS["userid"];
 $result=DBselect($sql);
 $group_permission="";
@@ -438,7 +438,7 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 $id_permission="";
 if($id!=0)
 {
- $sql="select permission from rights where name='$right' and id=$id and userid=".$USER_DETAILS["userid"];
+ $sql="select permission from rights where name='".zbx_ads($right)."' and id=$id and userid=".$USER_DETAILS["userid"];
 $result=DBselect($sql);
 if(DBnum_rows($result)>0)
 {
@@ -655,7 +655,7 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 function get_image_by_name($imagetype,$name)
 {
- $sql="select * from images where imagetype=$imagetype and name='$name'";
+ $sql="select * from images where imagetype=$imagetype and name='".zbx_ads($name)."'";
 $result=DBselect($sql);
 if(DBnum_rows($result) == 1)
 {
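Review bot: In the `@@ -438` hunk the new query still interpolates `$id` bare (`and id=$id`), so wrapping `$right` in zbx_ads() closes only one of the two injection points in that statement. Escaping only helps inside a quoted literal; an unquoted numeric placeholder needs a cast or validation instead, e.g. `and id=".(int)$id."`. zbx_ads() is not defined in this diff — if it is addslashes()-based rather than the driver's charset-aware escape, that is a second caveat worth confirming. The enclosing function begins and ends outside the hunk.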
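Review bot: `get_image_by_name()` in the `@@ -655` hunk still builds `imagetype=$imagetype` with neither escaping nor a cast, so only the `name` half of the WHERE clause is covered by this change. Because `imagetype` is compared as a number, `imagetype=".(int)$imagetype."` is the straightforward fix. The function body continues past the end of the hunk.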
@@ -797,7 +797,7 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 // echo $function,"<br>";
 // echo $parameter,"<br>";
- $sql="select count(*) as cnt from hosts h,items i where h.host='$host' and i.key_='$key' and h.hostid=i.hostid";
+ $sql="select count(*) as cnt from hosts h,items i where h.host='".zbx_ads($host)."' and i.key_='".zbx_ads($key)."' and h.hostid=i.hostid";
 $result=DBselect($sql);
 $row=DBfetch($result);
 if($row["cnt"]!=1)
@@ -973,13 +973,13 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 if(isset($sessionid))
 {
- $sql="select u.userid,u.alias,u.name,u.surname,u.lang,u.refresh from sessions s,users u where s.sessionid='$sessionid' and s.userid=u.userid and ((s.lastaccess+u.autologout>".time().") or (u.autologout=0))";
+ $sql="select u.userid,u.alias,u.name,u.surname,u.lang,u.refresh from sessions s,users u where s.sessionid='".zbx_ads($sessionid)."' and s.userid=u.userid and ((s.lastaccess+u.autologout>".time().") or (u.autologout=0))";
 $result=DBselect($sql);
 if(DBnum_rows($result)==1)
 {
 // setcookie("sessionid",$sessionid,time()+3600);
 setcookie("sessionid",$sessionid);
- $sql="update sessions set lastaccess=".time()." where sessionid='$sessionid'";
+ $sql="update sessions set lastaccess=".time()." where sessionid='".zbx_ads($sessionid)."'";
 DBexecute($sql);
 $USER_DETAILS=DBfetch($result);
 return;
@@ -1384,7 +1384,7 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 // echo "PARAMETER:$parameter<BR>";
 $state='';
- $sql="select i.itemid from items i,hosts h where i.key_='$key' and h.host='$host' and h.hostid=i.hostid";
+ $sql="select i.itemid from items i,hosts h where i.key_='".zbx_ads($key)."' and h.host='".zbx_ads($host)."' and h.hostid=i.hostid";
 # echo $sql,"<Br>";
 $res=DBselect($sql);
 $row=DBfetch($res);
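Review bot: The session lookup in the `@@ -973` hunk now escapes the cookie-supplied `$sessionid`, but escaping is a weaker control than validating the value's expected shape, and the same raw value is then echoed back via `setcookie("sessionid",$sessionid)`. If session ids are always generated as fixed-format alphanumeric tokens (not visible here — confirm against the login code), rejecting anything else before the SELECT, e.g. `if(!ctype_alnum($sessionid)) { /* treat as no session */ }`, makes both queries safe regardless of the driver's escaping rules. The surrounding function starts and ends outside the hunk.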
@@ -1392,7 +1392,7 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 $itemid=$row["itemid"];
 # echo "ITEMID:$itemid<BR>";
- $sql="insert into functions (itemid,triggerid,function,parameter) values ($itemid,$triggerid,'$function','$parameter')";
+ $sql="insert into functions (itemid,triggerid,function,parameter) values ($itemid,$triggerid,'".zbx_ads($function)."','".zbx_ads($parameter)."')";
 # echo $sql,"<Br>";
 $res=DBexecute($sql);
 if(!$res)
@@ -1475,8 +1475,8 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 if($files["image"]["error"]==0)
 if($files["image"]["size"]<1024*1024)
 {
- $image=zbx_ads(fread(fopen($files["image"]["tmp_name"],"r"),filesize($files["image"]["tmp_name"])));
- $sql="insert into images (name,imagetype,image) values ('$name',$imagetype,'$image')";
+ $image=fread(fopen($files["image"]["tmp_name"],"r"),filesize($files["image"]["tmp_name"]));
+ $sql="insert into images (name,imagetype,image) values ('".zbx_ads($name)."',$imagetype,'".zbx_ads($image)."')";
 return DBexecute($sql);
 }
 else
@@ -1499,8 +1499,8 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 if($files["image"]["error"]==0)
 if($files["image"]["size"]<1024*1024)
 {
- $image=zbx_ads(fread(fopen($files["image"]["tmp_name"],"r"),filesize($files["image"]["tmp_name"])));
- $sql="update images set name='$name',imagetype='$imagetype',image='$image' where imageid='$imageid'";
+ $image=fread(fopen($files["image"]["tmp_name"],"r"),filesize($files["image"]["tmp_name"]));
+ $sql="update images set name='".zbx_ads($name)."',imagetype='".zbx_ads($imagetype)."',image='".zbx_ads($image)."' where imageid=$imageid";
 return DBexecute($sql);
 }
 else
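Review bot: The INSERT in the `@@ -1392` hunk escapes `function` and `parameter` but still interpolates `$triggerid` bare into the VALUES list, next to `$itemid` read from the preceding SELECT. `$itemid` comes from the database and is low risk; `$triggerid` is a parameter of the enclosing function whose origin is outside the hunk, so `values (".(int)$itemid.",".(int)$triggerid.",'".zbx_ads($function)."',…` pins both to integers. The enclosing function begins before the hunk.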
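Review bot: The image INSERT in the `@@ -1475` hunk leaves `$imagetype` bare (`'".zbx_ads($name)."',$imagetype,`) while the UPDATE in the following hunk quotes and escapes the same field — the two paths should agree, and for a numeric column `(int)$imagetype` is the right form in both. Moving zbx_ads() from the file contents onto the query is the right direction, but the `fopen()` handle is never closed and is opened in `"r"` rather than `"rb"` mode, which can alter binary data on platforms that translate line endings; `$image=file_get_contents($files["image"]["tmp_name"]);` avoids both problems. The enclosing function starts before the hunk and its `else` branch continues after it.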
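Review bot: In the `@@ -1499` hunk the commit drops the quotes around `$imageid` (`where imageid=$imageid`) without adding a cast, so the UPDATE's row selector is now interpolated completely raw — previously an attacker at least had to break out of a quoted literal. `where imageid=".(int)$imageid` closes it, and `imagetype=".(int)$imagetype."` would be consistent with the unquoted numeric comparison `get_image_by_name()` uses for the same column. The enclosing function starts before the hunk and its `else` branch continues after it.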
@@ -1616,7 +1616,7 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 function add_group_to_host($hostid,$newgroup)
 {
- $sql="insert into groups (groupid,name) values (NULL,'$newgroup')";
+ $sql="insert into groups (groupid,name) values (NULL,'".zbx_ads($newgroup)."')";
 $result=DBexecute($sql);
 if(!$result)
 {
@@ -1667,7 +1667,7 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 // return 0;
 // }
- $sql="select * from groups where name='$name'";
+ $sql="select * from groups where name='".zbx_ads($name)."'";
 $result=DBexecute($sql);
 if(DBnum_rows($result)>0)
 {
@@ -1675,7 +1675,7 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 return 0;
 }
- $sql="insert into groups (name) values ('$name')";
+ $sql="insert into groups (name) values ('".zbx_ads($name)."')";
 $result=DBexecute($sql);
 if(!$result)
 {
@@ -1697,7 +1697,7 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 // return 0;
 // }
- $sql="select * from groups where name='$name' and groupid<>$groupid";
+ $sql="select * from groups where name='".zbx_ads($name)."' and groupid<>$groupid";
 $result=DBexecute($sql);
 if(DBnum_rows($result)>0)
 {
@@ -1705,7 +1705,7 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 return 0;
 }
- $sql="update groups set name='$name' where groupid=$groupid";
+ $sql="update groups set name='".zbx_ads($name)."' where groupid=$groupid";
 $result=DBexecute($sql);
 if(!$result)
 {
@@ -1814,7 +1814,7 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 {
 $ret = 0;
- $sql="select * from media_type where description='".zbx_ads($description)."' and mediatypeid!=".zbx_ads($mediatypeid);
+ $sql="select * from media_type where description='".zbx_ads($description)."' and mediatypeid!=$mediatypeid";
 $result=DBexecute($sql);
 if(DBnum_rows($result)>0)
 {
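Review bot: The duplicate-name check in the `@@ -1697` hunk escapes `$name` but leaves `groupid<>$groupid` interpolated raw, and the UPDATE in the following hunk (`where groupid=$groupid`) repeats the pattern, so both statements stay injectable through the id parameter. Because the column is numeric, a cast in both places — `groupid<>".(int)$groupid` and `where groupid=".(int)$groupid` — is sufficient. The enclosing function begins and ends outside these hunks.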
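Review bot: The `@@ -1814` hunk removes `zbx_ads()` from `$mediatypeid` (`mediatypeid!=$mediatypeid`) and puts nothing in its place, leaving this unquoted placeholder with no protection at all. Dropping the escaping is understandable — quote escaping does nothing for a value that is not inside quotes — but the replacement should be an integer cast, `mediatypeid!=".(int)$mediatypeid`, not a bare interpolation. The enclosing function begins before the hunk.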
@@ -1822,7 +1822,7 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 }
 else
 {
- $sql="update media_type set type=".zbx_ads($type).",description='".zbx_ads($description)."',smtp_server='".zbx_ads($smtp_server)."',smtp_helo='".zbx_ads($smtp_helo)."',smtp_email='".zbx_ads($smtp_email)."',exec_path='".zbx_ads($exec_path)."' where mediatypeid=".zbx_ads($mediatypeid);
+ $sql="update media_type set type=$type,description='".zbx_ads($description)."',smtp_server='".zbx_ads($smtp_server)."',smtp_helo='".zbx_ads($smtp_helo)."',smtp_email='".zbx_ads($smtp_email)."',exec_path='".zbx_ads($exec_path)."' where mediatypeid=$mediatypeid";
 $ret = DBexecute($sql);
 }
 return $ret;
@@ -1839,8 +1839,7 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 return 0;
 }
- $description=zbx_ads($description);
- $sql="select * from media_type where description='$description'";
+ $sql="select * from media_type where description='".zbx_ads($description)."'";
 $result=DBexecute($sql);
 if(DBnum_rows($result)>0)
 {
@@ -1848,7 +1847,7 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 }
 else
 {
- $sql="insert into media_type (type,description,smtp_server,smtp_helo,smtp_email,exec_path) values ($type,'$description','$smtp_server','$smtp_helo','$smtp_email','$exec_path')";
+ $sql="insert into media_type (type,description,smtp_server,smtp_helo,smtp_email,exec_path) values ($type,'".zbx_ads($description)."','".zbx_ads($smtp_server)."','".zbx_ads($smtp_helo)."','".zbx_ads($smtp_email)."','".zbx_ads($exec_path)."')";
 $ret = DBexecute($sql);
 }
 return $ret;
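Review bot: In the `@@ -1822` hunk both unquoted placeholders, `type=$type` and `where mediatypeid=$mediatypeid`, lose their `zbx_ads()` wrapper and gain no cast, so the UPDATE's column value and its row selector are now interpolated raw. Quote escaping was never the right control for these, but the commit should substitute `type=".(int)$type` and `where mediatypeid=".(int)$mediatypeid` rather than nothing. The enclosing function starts before the hunk.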
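Review bot: The media_type INSERT in the `@@ -1848` hunk escapes every string column but leaves `values ($type,` bare, so `$type` is the one input in the statement that is still unprotected. `values (".(int)$type.",'".zbx_ads($description)."',…` pins it to an integer, matching the unquoted numeric use of `type` in the UPDATE of the first hunk. The enclosing function starts before the hunk.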
@@ -1864,7 +1863,7 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 {
 $s=$s|pow(2,(int)$severity[$i]);
 }
- $sql="insert into media (userid,mediatypeid,sendto,active,severity,period) values ($userid,'$mediatypeid','$sendto',$active,$s,'$period')";
+ $sql="insert into media (userid,mediatypeid,sendto,active,severity,period) values ($userid,'".zbx_ads($mediatypeid)."','".zbx_ads($sendto)."',$active,$s,'".zbx_ads($period)."')";
 return DBexecute($sql);
 }
@@ -1878,7 +1877,7 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 {
 $s=$s|pow(2,(int)$severity[$i]);
 }
- $sql="update media set userid=$userid, mediatypeid=$mediatypeid, sendto='$sendto', active=$active,severity=$s,period='$period' where mediaid=$mediaid";
+ $sql="update media set userid=$userid, mediatypeid=$mediatypeid, sendto='".zbx_ads($sendto)."', active=$active,severity=$s,period='".zbx_ads($period)."' where mediaid=$mediaid";
 return DBexecute($sql);
 }
@@ -2787,7 +2786,7 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 return $default_value;
 }
- $sql="select value from profiles where userid=".$USER_DETAILS["userid"]." and idx='$idx'";
+ $sql="select value from profiles where userid=".$USER_DETAILS["userid"]." and idx='".zbx_ads($idx)."'";
 $result=DBselect($sql);
 if(DBnum_rows($result)==0)
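Review bot: The media INSERT in the `@@ -1864` hunk still interpolates `$userid` and `$active` bare, and quotes `$mediatypeid` as an escaped string even though the UPDATE in the next hunk treats `mediatypeid` as an unquoted number — the two statements should agree on the column's type. Casting the numeric fields, `values (".(int)$userid.",".(int)$mediatypeid.",'".zbx_ads($sendto)."',".(int)$active.",$s,'…`, covers them; `$s` is built locally from the `(int)$severity[$i]` loop and is safe as is. The enclosing function starts before the hunk.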
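Review bot: The media UPDATE in the `@@ -1878` hunk escapes only `sendto` and `period`; `userid=$userid`, `mediatypeid=$mediatypeid`, `active=$active` and the selector `where mediaid=$mediaid` are all interpolated raw, so the statement remains injectable through any of those four. Since each is numeric, an `(int)` cast on every one is enough, e.g. `where mediaid=".(int)$mediaid`. The enclosing function starts before the hunk.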
@@ -2810,18 +2809,18 @@ function SDI($msg) { echo "DEBUG INFO: $msg ".BR; } # DEBUG INFO!!!
 return;
 }
- $sql="select value from profiles where userid=".$USER_DETAILS["userid"]." and idx='$idx'";
+ $sql="select value from profiles where userid=".$USER_DETAILS["userid"]." and idx='".zbx_ads($idx)."'";
 $result=DBselect($sql);
 if(DBnum_rows($result)==0)
 {
- $sql="insert into profiles (userid,idx,value) values (".$USER_DETAILS["userid"].",'$idx','$value')";
+ $sql="insert into profiles (userid,idx,value) values (".$USER_DETAILS["userid"].",'".zbx_ads($idx)."','".zbx_ads($value)."')";
 DBexecute($sql);
 }
 else
 {
 $row=DBfetch($result);
- $sql="update profiles set value='$value' where userid=".$USER_DETAILS["userid"]." and idx='$idx'";
+ $sql="update profiles set value='".zbx_ads($value)."' where userid=".$USER_DETAILS["userid"]." and idx='".zbx_ads($idx)."'";
 DBexecute($sql);
 }
 }
|
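Review bot: In the else branch of the `@@ -2810` hunk, `$row=DBfetch($result);` is assigned and never used before the UPDATE, so it is dead code that reads as if the fetch were required; either drop the line or use `$row["value"]` to skip the UPDATE when the stored value is unchanged. The injection fixes themselves look complete here: `$idx` and `$value` are escaped, and `$USER_DETAILS["userid"]` is populated from a database row (see the `$USER_DETAILS=DBfetch($result)` line in the session hunk), not from the request. The enclosing function begins before the hunk.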
