[Noalyss-commit] [noalyss] 12/15: Improve : add a function for detection
From: |
Dany De Bontridder |
Subject: |
[Noalyss-commit] [noalyss] 12/15: Improve : add a function for detection SQL inject |
Date: |
Mon, 25 Jan 2021 18:56:23 -0500 (EST) |
sparkyx pushed a commit to branch master
in repository noalyss.
commit 1666f570be5547c55aea84c4a476542bccf28055
Author: sparkyx <danydb@noalyss.eu>
AuthorDate: Tue Jan 26 00:27:44 2021 +0100
Improve : add a function for detecting SQL injection
---
include/class/fiche.class.php | 5 +++--
include/constant.php | 1 +
include/lib/database_core.class.php | 18 ++++++++++++++++++
unit-test/include/class/fiche.Test.php | 30 +++++++++++++++++++++++++++---
4 files changed, 49 insertions(+), 5 deletions(-)
diff --git a/include/class/fiche.class.php b/include/class/fiche.class.php
index e4942bb..b62f6d7 100644
--- a/include/class/fiche.class.php
+++ b/include/class/fiche.class.php
@@ -291,10 +291,11 @@ class Fiche
*/
function count_by_modele($p_frd_id,$p_search="",$p_sql="")
{
- $sql="select *
+ // Scan for SQL inject
+ $this->cn->search_sql_inject($p_sql);
from
fiche join fiche_Def using (fd_id)
- where frd_id=".$p_frd_id;
+ where frd_id=$1 ".$p_sql
if ( $p_search != "" )
{
$a=sql_string($p_search);
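Review bot: The new side drops the `$sql="select *` assignment but puts only the injection scan in its place, so the `from` fragment that follows belongs to no statement, and the added `where frd_id=$1 ".$p_sql` line has no terminating `;` — as committed, count_by_modele does not parse. The scan line should be followed by the restored opening, i.e. `$this->cn->search_sql_inject($p_sql);` then `$sql="select *`, and the where-line should end `".$p_sql;`. Moving `frd_id` to the `$1` placeholder is the right direction, assuming the execute call further down binds `$p_frd_id` as a parameter. Note that `$p_sql` is still concatenated verbatim, so the keyword scan is a guard on fragments the application builds itself, not something that makes caller-supplied SQL safe; a comment at the call site such as `// $p_sql must be built by the application, never from request data` would make that contract explicit. count_by_modele continues outside the hunk.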
diff --git a/include/constant.php b/include/constant.php
index feaf081..55308e3 100644
--- a/include/constant.php
+++ b/include/constant.php
@@ -314,6 +314,7 @@ define ('EMAIL_LIMIT',1002);
define ('EXC_PARAM_VALUE',1005);
define ('EXC_PARAM_TYPE',1006);
define ('EXC_DUPLICATE',1200);
+define ('EXC_INVALID',1400);
define ("UNPINDG","");
define ("PINDG","");
diff --git a/include/lib/database_core.class.php
b/include/lib/database_core.class.php
index 2f7bc32..d7d5cb6 100644
--- a/include/lib/database_core.class.php
+++ b/include/lib/database_core.class.php
@@ -956,6 +956,24 @@ class DatabaseCore
static function nb_column($p_ret) {
return pg_num_fields($p_ret);
}
+ /**
+ * FInd if a SQL Select has a SQL stmt to inject or damage Data
+ * When a SELECT SQL string is build, this string could contain a SQL
attempt to damage data,
+ *so the statement DELETE TRUNCATE ... are forbidden. Throw an exception
EXC_INVALID
+ *
+ */
+ function search_sql_inject($p_sql)
+ {
+ $forbid_sql=array("update","delete","truncate","insert");
+ // protect against SQL inject
+ foreach ($forbid_sql as $forbid_key) {
+ if (stripos($p_sql,$forbid_key) !== false)
+ {
+ throw new Exception(_("Possible SQL inject",EXC_INVALID));
+ }
+
+ }
+ }
}
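Review bot: The exception code never reaches the exception: on the `throw` line `EXC_INVALID` is passed as the second argument to the translation helper `_()`, so `Exception::getCode()` is 0 and any caller that distinguishes this error by code will not see 1400. It should read `throw new Exception(_("Possible SQL inject"), EXC_INVALID);`. Separately, `stripos` is a substring match, so a fragment that merely names an identifier containing one of the words (a column like `last_update`, for instance) is rejected as well; a word-boundary match such as `preg_match('/\b(update|delete|truncate|insert)\b/i', $p_sql)` would remove those false positives while still catching the listed statements, if the maintainers consider that an acceptable trade-off for a denylist. Since this is a keyword denylist, the docblock should state that it is a defence-in-depth check on fragments the application builds and does not make caller-supplied SQL safe to concatenate; while there, "FInd" and "is build" should read "Find" and "is built".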
diff --git a/unit-test/include/class/fiche.Test.php
b/unit-test/include/class/fiche.Test.php
index 08e2cf4..ccd3b13 100644
--- a/unit-test/include/class/fiche.Test.php
+++ b/unit-test/include/class/fiche.Test.php
@@ -33,7 +33,6 @@ class FicheTest extends TestCase
/**
* @covers Fiche::cmp_name
- * @todo Implement testCmp_name().
*/
public function testCmp_name()
{
@@ -45,7 +44,6 @@ class FicheTest extends TestCase
/**
* @covers Fiche::get_bk_account
- * @todo Implement testGet_bk_account().
*/
public function testGet_bk_account()
{
@@ -83,5 +81,31 @@ class FicheTest extends TestCase
$this->assertEquals ($nb_result,3,"Size array not correct ");
$this->assertEquals($a_result[0][24]["deb_montant"],204.71);
}
-
+
+ /**
+ * @covers Fiche::count_by_modele()
+ */
+ public function testCount_by_modele()
+ {
+ $nb=$this->object->count_by_modele(1,"","");
+ $this->assertEquals(4,$nb,"number of Sales Card ");
+ $nb=$this->object->count_by_modele(3,"eau","");
+ $this->assertEquals(1,$nb,"Purchase card water ");
+ $nb=$this->object->count_by_modele(3,"EAU","");
+ $this->assertEquals(1,$nb,"Purchase card water ");
+ $nb=$this->object->count_by_modele(3,"ZZ","");
+ $this->assertEquals(0,$nb,"no card found");
+ $nb=$this->object->count_by_modele(3000,"","");
+ $this->assertEquals(0,$nb,"no card found");
+ $nb=$this->object->count_by_modele(3,"","");
+ $this->assertEquals(7,$nb,"Purchase cards ");
+ // attempt to inject SQL command, you must get an error
+ try {
+ $nb=@$this->object->count_by_modele(3,""," ;delete from jrn;");
+ $this->assertFalse(true,"Inject SQL command not found");
+ } catch(Exception $e) {
+ $this->assertTrue(true,"Inject SQL command found");
+ }
+ }
+}
}
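Review bot: The injection test cannot fail: `catch(Exception $e)` also catches the `AssertionFailedError` that `$this->assertFalse(true, ...)` raises, so the test reports success whether or not count_by_modele threw. Replace the try/catch with `$this->expectException(Exception::class);` followed by the plain call `$this->object->count_by_modele(3,""," ;delete from jrn;");`, and drop the `@` so any warning from the call is visible rather than suppressed. If search_sql_inject sets the code on the exception it throws, adding `$this->expectExceptionCode(EXC_INVALID);` before the call would pin the error kind as well. As printed, the hunk ends with both the added `}` and the original context `}`, which would close the class twice — worth confirming the file still parses after this commit.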