diff --git a/CHANGES.md b/CHANGES.md
index 9382457f2..7b0969cbb 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -53,6 +53,7 @@ Changes in 9.0
 - Add AttrEscape() function in Inputs.php
 - Use AttrEscape() instead of htmlspecialchars(), program wide
 - Maintain Advanced search when editing Timeframe in Percent.php
+- Fix SQL injection escape DB identifier in RegistrationSave.fnc.php, Calendar.php, MarkingPeriods.php, SchoolFields.php, AddressFields.php, PeopleFields.php, StudentFields.php & UserFields.php
 Changes in 8.9.4
 ----------------
diff --git a/modules/Custom/includes/RegistrationSave.fnc.php b/modules/Custom/includes/RegistrationSave.fnc.php
index 30b334e36..9b3205565 100644
--- a/modules/Custom/includes/RegistrationSave.fnc.php
+++ b/modules/Custom/includes/RegistrationSave.fnc.php
@@ -407,7 +407,7 @@ function RegistrationSaveContactNameFields( $config, $values )
 if ( ! empty( $value ) || $value == '0' ) {
- $fields .= $column . ',';
+ $fields .= DBEscapeIdentifier( $column ) . ',';
 $values_sql .= "'" . $value . "',";
 }
diff --git a/modules/School_Setup/Calendar.php b/modules/School_Setup/Calendar.php
index d84d6cabb..1667e7ef7 100644
--- a/modules/School_Setup/Calendar.php
+++ b/modules/School_Setup/Calendar.php
@@ -500,7 +500,7 @@
 if ( ! empty( $value ) || $value == '0' ) {
- $fields .= $column . ',';
+ $fields .= DBEscapeIdentifier( $column ) . ',';
 $values .= "'" . $value . "',";
 $go = true;
 }
diff --git a/modules/School_Setup/MarkingPeriods.php b/modules/School_Setup/MarkingPeriods.php
index 0f798c23f..bd40b3cdc 100644
--- a/modules/School_Setup/MarkingPeriods.php
+++ b/modules/School_Setup/MarkingPeriods.php
@@ -204,7 +204,7 @@
 if ( ! empty( $value ) || $value === '0' ) {
- $fields .= $column . ',';
+ $fields .= DBEscapeIdentifier( $column ) . ',';
 $values .= "'" . $value . "',";
diff --git a/modules/School_Setup/SchoolFields.php b/modules/School_Setup/SchoolFields.php
index 6fe7127bc..f0b85cb1c 100644
--- a/modules/School_Setup/SchoolFields.php
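Review bot: In `RegistrationSaveContactNameFields()` the new line `$fields .= DBEscapeIdentifier( $column ) . ',';` escapes `$column` but does not check it against the columns the form is meant to write, so a submitted key can presumably still name any column of the target table; the same applies to the identical hunks in Calendar.php, MarkingPeriods.php, SchoolFields.php, AddressFields.php, PeopleFields.php, StudentFields.php and UserFields.php. A guard before that line, such as `if ( ! in_array( $column, $allowed_columns, true ) ) { continue; }`, would close this, where `$allowed_columns` is a placeholder for the table's known column list and the `continue` assumes the line sits inside the loop over submitted keys, which the hunk does not show. The neighbouring `$values_sql .= "'" . $value . "',";` (`$values` in the other files) is still built by concatenation and nothing visible here shows where `$value` is escaped, so a comment like `// $value was escaped for SQL in <place>` with the real location filled in, or a bound parameter, would make that dependency explicit. The enclosing function and loop start and end outside the hunk.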
+++ b/modules/School_Setup/SchoolFields.php
@@ -73,7 +73,7 @@
 if ( ! empty( $value ) || $value == '0' ) {
- $fields .= $column . ',';
+ $fields .= DBEscapeIdentifier( $column ) . ',';
 $values .= "'" . $value . "',";
diff --git a/modules/Students/includes/AddressFields.php b/modules/Students/includes/AddressFields.php
index 47076f898..cf5dd7769 100644
--- a/modules/Students/includes/AddressFields.php
+++ b/modules/Students/includes/AddressFields.php
@@ -91,7 +91,7 @@
 if ( ! empty( $value ) || $value == '0' ) {
- $fields .= $column . ',';
+ $fields .= DBEscapeIdentifier( $column ) . ',';
 $values .= "'" . $value . "',";
diff --git a/modules/Students/includes/PeopleFields.php b/modules/Students/includes/PeopleFields.php
index 7598c62e7..bb6b54adc 100644
--- a/modules/Students/includes/PeopleFields.php
+++ b/modules/Students/includes/PeopleFields.php
@@ -91,7 +91,7 @@
 if ( ! empty( $value ) || $value == '0' ) {
- $fields .= $column . ',';
+ $fields .= DBEscapeIdentifier( $column ) . ',';
 $values .= "'" . $value . "',";
diff --git a/modules/Students/includes/StudentFields.php b/modules/Students/includes/StudentFields.php
index ec9124bb9..5585e9402 100644
--- a/modules/Students/includes/StudentFields.php
+++ b/modules/Students/includes/StudentFields.php
@@ -125,7 +125,7 @@
 if ( ! empty( $value ) || $value == '0' ) {
- $fields .= $column . ',';
+ $fields .= DBEscapeIdentifier( $column ) . ',';
 $values .= "'" . $value . "',";
diff --git a/modules/Users/UserFields.php b/modules/Users/UserFields.php
index c359edbff..dda5bf5fe 100644
--- a/modules/Users/UserFields.php
+++ b/modules/Users/UserFields.php
@@ -134,7 +134,7 @@
 if ( ! empty( $value ) || $value == '0' ) {
- $fields .= $column . ',';
+ $fields .= DBEscapeIdentifier( $column ) . ',';
 $values .= "'" . $value . "',";