
sec(Search/Reports) sanitize parameters
joebordes committed Jan 15, 2022
1 parent ee5eb95 commit 63aab1d
Showing 3 changed files with 12 additions and 7 deletions.
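--- a/include/utils/CommonUtils.php
+++ b/include/utils/CommonUtils.php
@@ -3217,7 +3217,12 @@ function getBasic_Advance_SearchURL() {
 if ($_REQUEST['searchtype'] == 'BasicSearch') {
 $url .= (isset($_REQUEST['search_field'])) ? '&search_field=' . urlencode(vtlib_purify($_REQUEST['search_field'])) : '';
 $url .= (isset($_REQUEST['search_text'])) ? '&search_text=' . to_html(vtlib_purify($_REQUEST['search_text'])) : '';
-$url .= (isset($_REQUEST['type'])) ? '&type=' . vtlib_purify($_REQUEST['type']) : '';
+if (isset($_REQUEST['type'])) {
+$srchtype = (substr(trim($_REQUEST['type']), 0, 5)=='alpbt' ? 'alpbt' : 'entchar');
+} else {
+$srchtype = '';
+}
+$url .= '&type='.$srchtype;
 } elseif ($_REQUEST['searchtype'] == 'advance') {
 $count = empty($_REQUEST['search_cnt']) ? 0 : vtlib_purify($_REQUEST['search_cnt']);
 for ($i = 0; $i < $count; $i++) {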
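Review bot: The `$srchtype` allow-list line compares with loose `==` and calls `trim()` on a request value that is not guaranteed to be a string; if the parameter arrives as an array, `trim()` throws a TypeError on PHP 8 (a warning plus null on older versions) and the request fails instead of falling back to the safe default. `$srchtype = (is_string($_REQUEST['type']) && substr(trim($_REQUEST['type']), 0, 5) === 'alpbt') ? 'alpbt' : 'entchar';` keeps the allow-list and degrades gracefully. The same two-value mapping is written out again in modules/RecycleBin/RecycleBinUtils.php in this commit, so a small shared helper would keep the two copies from drifting. getBasic_Advance_SearchURL starts and ends outside the hunk.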
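--- a/modules/RecycleBin/RecycleBinUtils.php
+++ b/modules/RecycleBin/RecycleBinUtils.php
@@ -44,9 +44,9 @@ function RBSearch($module) {
 $where=basicRBsearch($module, $search_column, $search_string);
 }
 
-$url_string = "&search_field=".$search_column."&search_text=".$search_string."&searchtype=BasicSearch";
-if (isset($_REQUEST['type']) && $_REQUEST['type'] != '') {
-$url_string .= "&type=".vtlib_purify($_REQUEST['type']);
+$url_string = '&search_field='.$search_column.'&search_text='.$search_string.'&searchtype=BasicSearch';
+if (!empty($_REQUEST['type'])) {
+$url_string .= '&type='.substr(trim($_REQUEST['type']), 0, 5)=='alpbt' ? 'alpbt' : 'entchar';
 }
 $log->debug('< RBSearch');
 return $where.'#@@#'.$url_string;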
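Review bot: The new `&type=` line in RBSearch has an operator-precedence bug: `.` binds tighter than `==` and `?:`, so the condition compares `'&type=' . substr(...)` against `'alpbt'`, which can never be true, and the statement appends the bare string `entchar` with no `&type=` prefix (the URL tail becomes `...&searchtype=BasicSearchentchar`). Parenthesise the ternary: `$url_string .= '&type='.(substr(trim($_REQUEST['type']), 0, 5) === 'alpbt' ? 'alpbt' : 'entchar');`. `$search_column` and `$search_string` are still concatenated into the URL without encoding on the `$url_string =` line; whether they were purified earlier is outside the hunk, but wrapping them in `urlencode()` here would match what CommonUtils.php does for `search_field`. RBSearch starts outside the hunk.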
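--- a/modules/Reports/NewReport0.php
+++ b/modules/Reports/NewReport0.php
@@ -28,15 +28,15 @@
 $list_report_form->assign('MOD', $mod_strings);
 $list_report_form->assign('APP', $app_strings);
 $list_report_form->assign('LBL_CHARSET', $default_charset);
-$list_report_form->assign('REPORTTYPE', isset($_REQUEST['reporttype']) ? vtlib_purify($_REQUEST['reporttype']) : '');
-$list_report_form->assign('REPORTTYPE2', isset($_REQUEST['cbreporttype']) ? vtlib_purify($_REQUEST['cbreporttype']) : '');
+$list_report_form->assign('REPORTTYPE', isset($_REQUEST['reporttype']) ? htmlentities(vtlib_purify($_REQUEST['reporttype']), ENT_QUOTES) : '');
+$list_report_form->assign('REPORTTYPE2', isset($_REQUEST['cbreporttype']) ? htmlentities(vtlib_purify($_REQUEST['cbreporttype']), ENT_QUOTES) : '');
 $repObj = new Reports();
 $folderid = 0;
 if ($recordid!='') {
 $oRep = new Reports($recordid);
 $sec_module = array();
 if ($oRep->secmodule!='') {
-$sec_mod = explode(":", $oRep->secmodule);
+$sec_mod = explode(':', $oRep->secmodule);
 $rel_modules = getReportRelatedModules($oRep->primodule, $oRep);
 if (!empty($sec_mod)) {
 foreach ($sec_mod as $module) {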
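Review bot: `htmlentities(..., ENT_QUOTES)` on the two REPORTTYPE lines passes neither a charset nor ENT_SUBSTITUTE, so an input with an invalid byte sequence makes it return an empty string and the value is silently dropped; `$default_charset` is already in scope three lines above, so `htmlentities(vtlib_purify($_REQUEST['reporttype']), ENT_QUOTES | ENT_SUBSTITUTE, $default_charset)` (and the same for `cbreporttype`) would be the consistent call. If `reporttype` only ever takes a handful of known values, an allow-list like the one this commit adds for `type` in include/utils/CommonUtils.php would be a stronger control than output encoding; the value set is not visible from the hunk. The encoding happens at assignment time, so if the template escapes the variable again the output will be double-encoded — worth confirming against the template.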
