From 9809cc710ac58ab556b5aa2ddfb44930c5d5f290 Mon Sep 17 00:00:00 2001
From: Mian Muhammad Imran Shah
Date: Sat, 4 Sep 2021 18:17:19 +0500
Subject: [PATCH] Security Bugs Fixed

---
 application/config/database.php | 86 +++++++-
 application/controllers/Generals.php | 50 ++++-
 application/controllers/Users.php | 39 +++-
 application/models/General.php | 1 +
 application/views/_template/main.php | 281 ++++++++++++++-------------
 5 files changed, 310 insertions(+), 147 deletions(-)

diff --git a/application/config/database.php b/application/config/database.php
index 505bac0..9db47c3 100644
--- a/application/config/database.php
+++ b/application/config/database.php
@@ -1 +1,85 @@
-db->last_query() and profiling of DB queries. | When you run a query, with this setting set to TRUE (default), | CodeIgniter will store the SQL statement for debugging purposes. | However, this may cause high memory usage, especially if you run | a lot of SQL queries ... disable this to avoid that problem. | | The $active_group variable lets you choose which connection group to | make active. By default there is only one group (the 'default' group). | | The $query_builder variables lets you determine whether or not to load | the query builder class. */ $active_group = 'default'; $query_builder = TRUE; $db['default'] = array( 'dsn' => '', 'hostname' => 'localhost', 'username' => 'root', 'password' => '', 'database' => 'inventory', 'dbdriver' => 'mysqli', 'dbprefix' => '', 'pconnect' => FALSE, 'db_debug' => FALSE, 'cache_on' => FALSE, 'cachedir' => '', 'char_set' => 'utf8', 'dbcollat' => 'utf8_general_ci', 'swap_pre' => '', 'encrypt' => FALSE, 'compress' => FALSE, 'stricton' => FALSE, 'failover' => array(), 'save_queries' => TRUE );
\ No newline at end of file
+db->last_query() and profiling of DB queries.
+| When you run a query, with this setting set to TRUE (default),
+| CodeIgniter will store the SQL statement for debugging purposes.
+| However, this may cause high memory usage, especially if you run
+| a lot of SQL queries ... disable this to avoid that problem.
+|
+| The $active_group variable lets you choose which connection group to
+| make active. By default there is only one group (the 'default' group).
+|
+| The $query_builder variables lets you determine whether or not to load
+| the query builder class.
+*/ + +$active_group = 'default'; +$query_builder = TRUE; + +$db['default'] = array( + 'dsn' => '', + 'hostname' => 'localhost', + 'username' => 'root', + 'password' => 'root', + 'database' => 'inventory', + 'dbdriver' => 'mysqli', + 'dbprefix' => '', + 'pconnect' => FALSE, + 'db_debug' => FALSE, + 'cache_on' => FALSE, + 'cachedir' => '', + 'char_set' => 'utf8', + 'dbcollat' => 'utf8_general_ci', + 'swap_pre' => '', + 'encrypt' => FALSE, + 'compress' => FALSE, + 'stricton' => FALSE, + 'failover' => array(), + 'save_queries' => TRUE +); diff --git a/application/controllers/Generals.php b/application/controllers/Generals.php index 862b12b..e276dd1 100644 --- a/application/controllers/Generals.php +++ b/application/controllers/Generals.php @@ -81,6 +81,10 @@ public function create_breadcrums() //Add Group.... public function add_group() { + $group_id = $this->session->userdata("group_id"); + if ($group_id != 1) { + $Page = $this->General->check_url_permission_single(); + } $this->header(); $data['group_list'] = $this->General->fetch_records("usr_group"); @@ -92,6 +96,10 @@ public function add_group() public function create_group() { + $group_id = $this->session->userdata("group_id"); + if ($group_id != 1) { + $Page = $this->General->check_url_permission_single(); + } $group_name = $this->input->post('group_name'); $record = $this->General->fetch_maxid("usr_group"); @@ -116,6 +124,10 @@ public function create_group() //Edit Group.... public function edit_group($id) { + $group_id = $this->session->userdata("group_id"); + if ($group_id != 1) { + $Page = $this->General->check_url_permission_single(); + } $group['groups'] = $this->General->fetch_groupbyid($id); $this->header(); $this->load->view('generals/edit_group', $group); 
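Review bot: The one substantive line in this hunk, `'password' => 'root',` alongside `'username' => 'root'`, commits a live credential for the MySQL superuser account into the repository, in a commit titled "Security Bugs Fixed". Read both values from the environment and keep real values out of version control — `'username' => getenv('DB_USERNAME') ?: 'inventory',` and `'password' => getenv('DB_PASSWORD') ?: '',` — and run the application as a dedicated DB user limited to the `inventory` schema rather than root. Since the password is now in history, treat it as exposed and rotate it. The rest of the hunk re-wraps the old single-line file and changes nothing else.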
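Review bot: The guard at the top of `add_group()` (`$group_id = $this->session->userdata("group_id"); if ($group_id != 1) { $Page = $this->General->check_url_permission_single(); }`) is copy-pasted into every method of this controller and of `Users.php`, so the next method added ships without it by default. If every action in `Generals` is meant to be admin-or-permitted, run the check once in `__construct()` instead; the constructor is outside this hunk, so I can't tell whether one already exists. Compare with an int cast (`(int) $group_id !== 1`) rather than loose `!=`, since session values may be strings, and drop the unused `$Page` — the guard only works because `check_url_permission_single()` is expected to `redirect()` and terminate the request.
```php
public function __construct()
{
    parent::__construct();
    // … unchanged: existing loader calls, if any …
    if ((int) $this->session->userdata('group_id') !== 1) {
        $this->General->check_url_permission_single();
    }
}
```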
@@ -125,6 +137,10 @@ public function edit_group($id) //Update Group...... public function update_group() { + $group_id = $this->session->userdata("group_id"); + if ($group_id != 1) { + $Page = $this->General->check_url_permission_single(); + } $group_name = $this->input->post('group_name'); $group_id = $this->input->post('group_id'); $this->General->update_group($group_name, $group_id); @@ -136,7 +152,10 @@ public function update_group() public function addmenu() { - + $group_id = $this->session->userdata("group_id"); + if ($group_id != 1) { + $Page = $this->General->check_url_permission_single(); + } $this->header(); $col = "PARENT_ID"; @@ -176,7 +195,10 @@ public function addmenu() //Create menu.... public function create_menu() { - + $group_id = $this->session->userdata("group_id"); + if ($group_id != 1) { + $Page = $this->General->check_url_permission_single(); + } $menu = $this->input->post('MENU_TEXT'); $url = $this->input->post('MENU_URL'); $parent = $this->input->post('PARENT_ID'); @@ -209,7 +231,10 @@ public function create_menu() //Fetch All menus......... public function list_menu() { - + $group_id = $this->session->userdata("group_id"); + if ($group_id != 1) { + $Page = $this->General->check_url_permission_single(); + } $menu['menus'] = $this->General->fetch_records("usr_menu"); $this->header(); @@ -220,6 +245,10 @@ public function list_menu() //Edit Menu.... public function edit_menu($id) { + $group_id = $this->session->userdata("group_id"); + if ($group_id != 1) { + $Page = $this->General->check_url_permission_single(); + } $menu['menus'] = $this->General->fetch_menubyid($id); $this->header(); @@ -230,7 +259,10 @@ public function edit_menu($id) //Update Menu.... public function update_menu() { - + $group_id = $this->session->userdata("group_id"); + if ($group_id != 1) { + $Page = $this->General->check_url_permission_single(); + } extract($_POST); $this->General->update_menu(); 
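Review bot: In `update_menu()` the new guard is followed directly by `extract($_POST);`, so a POST field named `group_id` or `Page` overwrites the locals the guard just set — the check has already run, so it is not a bypass today, but `extract()` of request data is a variable-injection hazard that makes one easy to introduce later. Nothing visible in the hunk uses the extracted names (`$this->General->update_menu()` takes no arguments), so remove the `extract($_POST);` line and read any needed field through `$this->input->post()`. The same `extract($_POST)` follows the guard in `create_permission()` and `registration()`. `update_menu()` continues past the end of this hunk.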
@@ -242,7 +274,10 @@ public function update_menu() //Add permission..... public function add_permission($id) { - + $group_id = $this->session->userdata("group_id"); + if ($group_id != 1) { + $Page = $this->General->check_url_permission_single(); + } $data['parentnav'] = $this->Menus->fetch_parent_menu(); $data['Generals'] = $this; $data['group_id'] = $id; @@ -254,7 +289,10 @@ public function add_permission($id) // Creating Permissions for a specific group public function create_permission() { - + $group_id = $this->session->userdata("group_id"); + if ($group_id != 1) { + $Page = $this->General->check_url_permission_single(); + } extract($_POST); $group_id = $this->input->post('group_id'); diff --git a/application/controllers/Users.php b/application/controllers/Users.php index dba20b2..ececceb 100644 --- a/application/controllers/Users.php +++ b/application/controllers/Users.php @@ -96,7 +96,10 @@ public function loginauthen() //Load View Form For User Creation......... public function add_user() { - + $group_id = $this->session->userdata("group_id"); + if ($group_id != 1) { + $Page = $this->General->check_url_permission_single(); + } //Get employee list for drop down menu.................................. $data['employeelist'] = $this->General->fetch_records("employee_profile"); $data['grouplist'] = $this->General->fetch_records("usr_group"); @@ -115,7 +118,10 @@ public function add_user() //Get values and Create User................ public function create_user() { - + $group_id = $this->session->userdata("group_id"); + if ($group_id != 1) { + $Page = $this->General->check_url_permission_single(); + } $record = $this->General->fetch_maxid("usr_user"); foreach ($record as $record) { $MaxGroup = $record->USER_ID; 
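Review bot: In `create_permission()` the guard's session-derived `$group_id` is immediately shadowed by `$group_id = $this->input->post('group_id');`, which is the target group being granted permissions, so one name carries two different meanings a few lines apart (the same happens in `update_group()`). Name the guard's value distinctly, e.g. `$session_group_id = $this->session->userdata("group_id"); if ($session_group_id != 1) {`, or inline the session read into the condition. The method body continues beyond this hunk.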
@@ -146,6 +152,10 @@ public function create_user() // List all users public function list_users() { + $group_id = $this->session->userdata("group_id"); + if ($group_id != 1) { + $Page = $this->General->check_url_permission_single(); + } $this->header($title = 'Users List'); $this->load->view(); $this->footer(); @@ -154,6 +164,10 @@ public function list_users() // Delete specific user public function delete_users($id) { + $group_id = $this->session->userdata("group_id"); + if ($group_id != 1) { + $Page = $this->General->check_url_permission_single(); + } $this->db->where('USER_ID', $id); $this->db->delete('usr_user'); @@ -164,6 +178,10 @@ public function delete_users($id) //status of user (Active) public function activeStatus() { + $group_id = $this->session->userdata("group_id"); + if ($group_id != 1) { + $Page = $this->General->check_url_permission_single(); + } $id = $this->uri->segment(3); $update = array( 'IS_ACTIVE' => '1' @@ -177,10 +195,19 @@ public function activeStatus() redirect(base_url() . "index.php/Users/add_user"); } + function _check_token($token) + { + return ($token === $_COOKIE[$this->csrf_cookie_name]); + } + //status of user (In-active) public function deactiveStatus() { + $group_id = $this->session->userdata("group_id"); + if ($group_id != 1) { + $Page = $this->General->check_url_permission_single(); + } $id = $this->uri->segment(3); $update = array( 'IS_ACTIVE' => '0' 
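Review bot: `delete_users($id)` still deletes the row on a plain GET to `/Users/delete_users/<id>`; the added group check stops non-admins, but it does nothing against CSRF, where an admin's browser is made to request that URL from another page. `activeStatus()` and `deactiveStatus()` below have the same shape (id from `$this->uri->segment(3)`, then an update). Turn these into POST actions that carry a CSRF token (CodeIgniter's `csrf_protection` config, or the `_check_token()` helper this commit adds but never calls) and reject anything else before `$this->db->delete('usr_user')`. The `where('USER_ID', $id)` call goes through the query builder, so SQL injection is not the issue here.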
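Review bot: `_check_token()` compares the submitted token to the cookie with `===`, which is not constant-time, and it reads `$_COOKIE[$this->csrf_cookie_name]` without checking that the cookie exists; `$this->csrf_cookie_name` is not set anywhere in this diff (as far as I can tell it is a property of CodeIgniter's Security class, not of the controller), so the comparison likely always fails with an undefined-index notice. Rewrite it as `$cookie = $this->input->cookie($this->config->item('csrf_cookie_name')); return is_string($cookie) && is_string($token) && hash_equals($cookie, $token);` — or drop the helper and rely on `$this->security->csrf_verify()` / the `csrf_protection` config, which already implement this check. Note that nothing in this diff calls `_check_token()`, so it currently protects no route.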
@@ -197,12 +224,20 @@ public function deactiveStatus() // Registering a new User Form public function register() { + $group_id = $this->session->userdata("group_id"); + if ($group_id != 1) { + $Page = $this->General->check_url_permission_single(); + } $this->load->view('users/register'); } // Registering User Insert public function registration() { + $group_id = $this->session->userdata("group_id"); + if ($group_id != 1) { + $Page = $this->General->check_url_permission_single(); + } extract($_POST); $full_name = $this->input->post('full_name'); $user_name = $this->input->post('user_name'); diff --git a/application/models/General.php b/application/models/General.php index c846a2c..11eeb39 100644 --- a/application/models/General.php +++ b/application/models/General.php @@ -465,6 +465,7 @@ function check_url_permission_single() if ($query > 0) { return $query; } else { + $this->session->set_flashdata('error', 'You dont have permission'); redirect(base_url()); } } diff --git a/application/views/_template/main.php b/application/views/_template/main.php index 0bb2153..62c418e 100644 --- a/application/views/_template/main.php +++ b/application/views/_template/main.php @@ -1,4 +1,6 @@ - +session->flashdata('error')) + echo $this->session->flashdata('error'); +?>
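Review bot: The template echoes `$this->session->flashdata('error')` unescaped, and since `set_flashdata('error', …)` is a general-purpose channel, any future writer that includes user-controlled text (a username, a URL) turns this into XSS on every page. The only writer visible here is the constant string added in `check_url_permission_single()`, so it is safe today; escape it now while it is cheap: `echo html_escape($this->session->flashdata('error'));`. This hunk sits at line 1 of the template, apparently before the document markup; output before the doctype can put the browser into quirks mode, so consider rendering the message inside the body as an alert element — I can't see the surrounding lines to confirm its position.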
@@ -101,8 +103,8 @@
Today Sales sales_amount_total; - } ?> + echo $today_sale->sales_amount_total; + } ?>
@@ -116,8 +118,8 @@
This Month Sales sales_amount_total; - } ?> + echo $today_sale->sales_amount_total; + } ?>
@@ -143,33 +145,33 @@
- - - - - - + + + + + + - - - - - - - + + + + + + + "; - } ?> + } else { + echo ""; + } ?>
UserNameGroupStatusCreated
UserNameGroupStatusCreated
USER_NAME; ?>GROUP_NAME; ?>IS_ACTIVE == 1) { ?> - ACTIVE - - INACTIVE - - - CREATED_DATE)); ?> -
USER_NAME; ?>GROUP_NAME; ?>IS_ACTIVE == 1) { ?> + ACTIVE + + INACTIVE + + + CREATED_DATE)); ?> +
No Records Found
No Records Found
@@ -186,13 +188,12 @@

Search Employees

-

+

- +
    -
    +
    @@ -210,38 +211,39 @@ class="form-control input-medium"/>
    - - - - - - - - - + + + - + + + + + + + @@ -263,35 +265,34 @@ class="form-control input-medium"/>
    Item QtyNamePrice
    - stock_qty; - if ($aaa < 10) { - ?> - - $daily_st->stock_qty"; - - - ?> - - $daily_st->stock_qty"; - } - ?> - - category_name;?> - item_name; ?>stock_rate; ?>Item QtyNamePrice
    + stock_qty; + if ($aaa < 10) { + ?> + + $daily_st->stock_qty"; + + + ?> + + $daily_st->stock_qty"; + } + ?> + + category_name; + ?> + item_name; ?>stock_rate; ?>
    - - - - - - - - - - - - - - - - - + + + + + + - + + + + + + + + + + + +
    Purchase IDVendorDateStatusPurchase TotalView
    - purchase_no; ?> - vendor_name; ?>purchase_date)); ?> - PENDING - - Rs. grand_total; ?> - View Purchase - - Purchase IDVendorDateStatusPurchase TotalView
    + purchase_no; ?> + vendor_name; ?>purchase_date)); ?> + PENDING + + Rs. grand_total; ?> + View Purchase + +
    @@ -303,7 +304,8 @@ class="btn btn-info">View Purchase
    -
    +
    +

    Top 5 Selling Product June

    @@ -313,31 +315,32 @@ class="btn btn-info">View Purchase - - - - - - + + + + + + - - - - - - - + + + + + + + + + + + + - - - - - - +
    SlBarcodeProduct NameQty
    SlBarcodeProduct NameQty
    item_id; ?>item_name; ?>sales_qty; ?>
    item_id; ?>item_name; ?>sales_qty; ?>
    No Records Found
    No Records Found
    @@ -346,41 +349,43 @@ class="btn btn-info">View Purchase
    -
    +
    +

    - Top 5 Selling Product

    + Top 5 Selling Product
    - - - - - - + + + + + + - - - - - - - + + + + + + + + + + + + - - - - - - +
    SlBarcodeProduct NameQty
    SlBarcodeProduct NameQty
    item_id; ?>item_name; ?>sales_qty; ?>
    item_id; ?>item_name; ?>sales_qty; ?>
    No Records Found
    No Records Found
    @@ -389,4 +394,4 @@ class="btn btn-info">View Purchase
    -
    +
    \ No newline at end of file