Fix SQL injection escape DB identifier

francoisjacquet · Apr 25, 2022 · 15d5e87 · 15d5e87
1 parent 3c561a6
commit 15d5e87
Show file tree

Hide file tree

Showing 9 changed files with 9 additions and 8 deletions.
diff --git a/CHANGES.md b/CHANGES.md
@@ -53,6 +53,7 @@ Changes in 9.0
 - Add AttrEscape() function in Inputs.php
 - Use AttrEscape() instead of htmlspecialchars(), program wide
 - Maintain Advanced search when editing Timeframe in Percent.php
+- Fix SQL injection escape DB identifier in RegistrationSave.fnc.php, Calendar.php, MarkingPeriods.php, SchoolFields.php, AddressFields.php, PeopleFields.php, StudentFields.php & UserFields.php
 
 Changes in 8.9.4
 ----------------

diff --git a/modules/Custom/includes/RegistrationSave.fnc.php b/modules/Custom/includes/RegistrationSave.fnc.php
@@ -407,7 +407,7 @@ function RegistrationSaveContactNameFields( $config, $values )
 			if ( ! empty( $value )
 				|| $value == '0' )
 			{
-				$fields .= $column . ',';
+				$fields .= DBEscapeIdentifier( $column ) . ',';
 
 				$values_sql .= "'" . $value . "',";
 			}

diff --git a/modules/School_Setup/Calendar.php b/modules/School_Setup/Calendar.php
@@ -500,7 +500,7 @@
 						if ( ! empty( $value )
 							|| $value == '0' )
 						{
-							$fields .= $column . ',';
+							$fields .= DBEscapeIdentifier( $column ) . ',';
 							$values .= "'" . $value . "',";
 							$go = true;
 						}

diff --git a/modules/School_Setup/MarkingPeriods.php b/modules/School_Setup/MarkingPeriods.php
@@ -204,7 +204,7 @@
 				if ( ! empty( $value )
 					|| $value === '0' )
 				{
-					$fields .= $column . ',';
+					$fields .= DBEscapeIdentifier( $column ) . ',';
 
 					$values .= "'" . $value . "',";
 

diff --git a/modules/School_Setup/SchoolFields.php b/modules/School_Setup/SchoolFields.php
@@ -73,7 +73,7 @@
 						if ( ! empty( $value )
 							|| $value == '0' )
 						{
-							$fields .= $column . ',';
+							$fields .= DBEscapeIdentifier( $column ) . ',';
 
 							$values .= "'" . $value . "',";
 

diff --git a/modules/Students/includes/AddressFields.php b/modules/Students/includes/AddressFields.php
@@ -91,7 +91,7 @@
 						if ( ! empty( $value )
 							|| $value == '0' )
 						{
-							$fields .= $column . ',';
+							$fields .= DBEscapeIdentifier( $column ) . ',';
 
 							$values .= "'" . $value . "',";
 

diff --git a/modules/Students/includes/PeopleFields.php b/modules/Students/includes/PeopleFields.php
@@ -91,7 +91,7 @@
 						if ( ! empty( $value )
 							|| $value == '0' )
 						{
-							$fields .= $column . ',';
+							$fields .= DBEscapeIdentifier( $column ) . ',';
 
 							$values .= "'" . $value . "',";
 

diff --git a/modules/Students/includes/StudentFields.php b/modules/Students/includes/StudentFields.php
@@ -125,7 +125,7 @@
 						if ( ! empty( $value )
 							|| $value == '0' )
 						{
-							$fields .= $column . ',';
+							$fields .= DBEscapeIdentifier( $column ) . ',';
 
 							$values .= "'" . $value . "',";
 

diff --git a/modules/Users/UserFields.php b/modules/Users/UserFields.php
@@ -134,7 +134,7 @@
 						if ( ! empty( $value )
 							|| $value == '0' )
 						{
-							$fields .= $column . ',';
+							$fields .= DBEscapeIdentifier( $column ) . ',';
 
 							$values .= "'" . $value . "',";