From e71c0233a1d08f4e74df07e4d27a3be21b346dff Mon Sep 17 00:00:00 2001 From: Khurshid Alam <89677621+kmkalam24@users.noreply.github.com> Date: Sat, 29 Apr 2023 11:48:47 +0600 Subject: [PATCH] Fix Security issue --- core/ajax/ajax_data.php | 2 +- core/ajax/ajax_pos.php | 2 +- core/functions.php | 14 +++++----- module/accounts/ajax.php | 10 +++++-- module/accounts/closings.php | 2 +- module/accounts/overview.php | 29 ++++++++++++--------- module/customer-support/case-reply-view.php | 6 +++-- module/expenses/ajax.php | 10 +++---- module/loan-management/ajax.php | 10 +++---- module/marketing/add-specimen-copy.php | 2 +- module/marketing/edit-specimen-copy.php | 2 +- module/marketing/new-sc-distribution.php | 2 +- module/my-shop/shop-overview.php | 2 +- module/stock-management/ajax.php | 12 ++++----- 14 files changed, 57 insertions(+), 48 deletions(-) diff --git a/core/ajax/ajax_data.php b/core/ajax/ajax_data.php index d13aaa5..a648cee 100644 --- a/core/ajax/ajax_data.php +++ b/core/ajax/ajax_data.php @@ -378,7 +378,7 @@ ) as product_price on product_price.product_id = sub_product.product_id" ), "where" => array( - "is_raw_materials = 0 and bg_product_id = {$product_id}" + "is_raw_materials = 0 and bg_product_id = '{$product_id}'" ) )); diff --git a/core/ajax/ajax_pos.php b/core/ajax/ajax_pos.php index 2138358..b6a5272 100644 --- a/core/ajax/ajax_pos.php +++ b/core/ajax/ajax_pos.php @@ -306,7 +306,7 @@ "inner join {$table_prefix}bg_product_items as bg_product on bg_product_id = product_id" ), "where" => array( - "( product.has_sub_product = 1 or product.product_type = 'Bundle' ) and bg_product.is_raw_materials = 0 and product.product_id = {$productId}" + "( product.has_sub_product = 1 or product.product_type = 'Bundle' ) and bg_product.is_raw_materials = 0 and product.product_id = '{$productId}'" ) )); diff --git a/core/functions.php b/core/functions.php index 3cc3e4d..348d9ce 100644 --- a/core/functions.php +++ b/core/functions.php 
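Review bot: Wrapping the interpolated id in single quotes, `bg_product_id = '{$product_id}'`, does not close the injection the commit title refers to: a value containing a quote still terminates the literal, and the builder call that opens before this hunk gives no sign that the string is escaped. The same pattern is applied in ajax_pos.php, core/functions.php (1876, 2042, 2090), customer-support/case-reply-view.php, expenses/ajax.php, loan-management/ajax.php, the three marketing files, my-shop/shop-overview.php and all six stock-management/ajax.php hunks. Where the value is numeric, coerce at the point of interpolation, `"is_raw_materials = 0 and bg_product_id = " . (int) $product_id`, and do the same for `$month`/`$year` in the loan queries; in case-reply-view.php, where the value is `$_GET["case_id"]` read straight from the request, either cast it `(int)` or pass it through the keyed `" and case_id !=" => ...` form the hunk already uses for case_person, assuming the builder binds keyed values. The functions.php hunks take `int`-typed parameters, so quoting there is redundant but harmless; a prepared statement would be the durable fix everywhere.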
@@ -1876,7 +1876,7 @@ function getCustomerPaymentInfo_back(int $customer_id) { sum(received_payments_bonus) as received_payments_bonus from {$table_prefix}received_payments where is_trash = 0 group by received_payments_from ) as {$table_prefix}received_payments on customer_id = received_payments_from - where customer_id = {$customer_id}" + where customer_id = '{$customer_id}'" ); } @@ -2042,7 +2042,7 @@ function updateAccountBalance(int $accounts_id) { where is_trash = 0 group by journal_records_accounts ) as journal_incoming_records on journal_incoming_records.journal_records_accounts = accounts_id - where accounts_id = {$accounts_id}" + where accounts_id = '{$accounts_id}'" )["data"][0]; @@ -2090,7 +2090,7 @@ function getEmployeePayableAmount(int $emp_id, string $salary_type) { from {$table_prefix}employees left join ( select salary_emp_id, salary_type, sum(salary_amount) as salary_amount_sum from {$table_prefix}salaries where is_trash = 0 and salary_type='{$salary_type}' group by salary_emp_id ) as {$table_prefix}salaries on salary_emp_id = emp_id left join ( select payment_items_employee, sum(payment_items_amount) as payment_items_amount_sum from {$table_prefix}payment_items where is_trash = 0 and payment_items_type='{$salary_type}' group by payment_items_employee ) as get_payments_items on payment_items_employee = emp_id - where emp_id = {$emp_id} + where emp_id = '{$emp_id}' ")["data"][0]["emp_payable_amount"]; // if salary type is salary then add the installment amount with payable amount @@ -2425,12 +2425,10 @@ function send_sms($number, $msg) { global $table_prefix; - //$url = "http://66.45.237.70/maskingapi.php"; - $url = "http://66.45.237.70/api.php"; + $url = "URL"; $data= array( - 'username'=>"Royal", - 'password'=>"CZXAPH@K8", - //'senderid'=> "The Royal", + 'username'=>"username", + 'password'=>"password", 'number'=>$number, 'message'=>$msg ); diff --git a/module/accounts/ajax.php b/module/accounts/ajax.php index a3a4dd0..738c754 100644 
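Review bot: The send_sms hunk replaces the API endpoint and credentials with the literal strings `"URL"`, `"username"` and `"password"`, so the function now posts to a non-URL and will fail at runtime rather than being configurable. Read these from configuration instead, e.g. `$url = SMS_API_URL;` with the constant defined outside version control (the constant name is a placeholder). The removed values remain in the repository history, so they should be treated as exposed and rotated on the provider side. send_sms continues past the end of the hunk.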
--- a/module/accounts/ajax.php +++ b/module/accounts/ajax.php @@ -125,6 +125,7 @@ // List of all columns name $columns = array( + "", "accounts_name", "accounts_type", "accounts_balance", @@ -446,7 +447,7 @@
- +
@@ -492,6 +493,8 @@ return _e("Please enter transfer amount"); } else if( !negative_value_is_allowed($_POST["transferAcountsFrom"]) and $accounts_balance < $_POST["transferAmount"] ) { return _e('Transfer amount is exceeded of account balance (%s)', number_format($accounts_balance, 2) ); + } else if( $_POST["transferAmount"] < 0 ) { + return _e("Transfer amount can not be negative value."); } $insertTransfer = easyInsert( @@ -854,7 +857,7 @@
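Review bot: The new negative-amount branch compares the raw request string, `$_POST["transferAmount"] < 0`, so a non-numeric value is not rejected and, because the branch sits after the balance comparison, the same unvalidated string has already been compared against `$accounts_balance`. Validate once, ahead of the balance check: `} else if( !is_numeric($_POST["transferAmount"]) or $_POST["transferAmount"] < 0 ) { return _e("Transfer amount can not be negative value."); }`. The capitalAmount branch in the @@ -885 hunk has the same shape and would take the same guard. The surrounding if/else chain begins before this hunk.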
- +
@@ -885,6 +888,8 @@ return _e("Please select accounts"); } elseif(empty($_POST["capitalAmount"])) { return _e("Please enter amount"); + } elseif ( $_POST["capitalAmount"] < 0 ) { + return _e("Capital amount can not be a negative amount."); } $insertCapital = easyInsert( @@ -1114,6 +1119,7 @@ // List of all columns name $columns = array( + "", "customer_name", "closings_title", "closings_date" diff --git a/module/accounts/closings.php b/module/accounts/closings.php index 217f8dd..e7e5135 100644 --- a/module/accounts/closings.php +++ b/module/accounts/closings.php @@ -16,7 +16,7 @@
-

+

diff --git a/module/accounts/overview.php b/module/accounts/overview.php index 198333f..9a2d6a6 100644 --- a/module/accounts/overview.php +++ b/module/accounts/overview.php @@ -80,7 +80,7 @@ ) as get_bills on bills_date = db_date where month(CURRENT_DATE) = month(db_date) and year(CURRENT_DATE) = year(db_date) order by db_date ASC - ")["data"]; + "); $dates = array(); $incomes = array(); @@ -90,22 +90,25 @@ $profit = array(); $profitable = array(); - // loop all data and push data into relavent array - foreach($overview as $key => $data) { + if( $overview !== false ) { - array_push($dates, $data["db_date"]); - array_push($incomes, $data["total_income"]); - array_push($receivable, $data["receivables_amount"]); - array_push($expence, $data["total_expence"]); - array_push($payable, ($data["payables_amount"]) < 0 ? 0 : $data["payables_amount"] ); + // loop all data and push data into relavent array + foreach($overview["data"] as $key => $data) { - // Calculate Profit - $calculateProfit = $data["total_income"] - $data["total_expence"]; - - array_push($profit, $calculateProfit); + array_push($dates, $data["db_date"]); + array_push($incomes, $data["total_income"]); + array_push($receivable, $data["receivables_amount"]); + array_push($expence, $data["total_expence"]); + array_push($payable, ($data["payables_amount"]) < 0 ? 0 : $data["payables_amount"] ); - } + // Calculate Profit + $calculateProfit = $data["total_income"] - $data["total_expence"]; + + array_push($profit, $calculateProfit); + + } + } ?> diff --git a/module/customer-support/case-reply-view.php b/module/customer-support/case-reply-view.php index 39f15ef..d078527 100644 --- a/module/customer-support/case-reply-view.php +++ b/module/customer-support/case-reply-view.php 
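Review bot: The `$overview !== false` guard handles a failed query but then indexes `$overview["data"]` unconditionally; a null-coalescing default covers both cases without the extra nesting level, `foreach( $overview["data"] ?? array() as $data ) {`, and also drops the unused `$key`. Whether the helper returns `false` or some other shape on failure is not visible here, so the `?? array()` form is the safer assumption either way. The carried-over comment still reads `relavent`; `relevant` would be correct.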
@@ -266,7 +266,8 @@ "table" => "cases", "fields" => "case_id, case_title, case_status", "where" => array( - "is_trash = 0 and case_id != {$_GET["case_id"]} and case_person" => $case["case_person"] + "is_trash = 0 and case_id != '{$_GET["case_id"]}'", + " and case_person" => $case["case_person"] ), "orderby" => array( "case_id" => "DESC" @@ -348,7 +349,8 @@ "table" => "cases", "fields" => "case_id, case_title, case_status", "where" => array( - "is_trash = 0 and case_id != {$_GET["case_id"]} and case_customer" => $case["case_customer"] + "is_trash = 0 and case_id != '{$_GET["case_id"]}'", + " and case_customer" => $case["case_customer"] ), "orderby" => array( "case_id" => "DESC" diff --git a/module/expenses/ajax.php b/module/expenses/ajax.php index 7fe78cc..cf7e7d7 100644 --- a/module/expenses/ajax.php +++ b/module/expenses/ajax.php 
@@ -1558,12 +1558,12 @@ function (data, status) { ) as totalPaidAmount on loan_id = totalPaidAmount.loan_ids left join (select loan_ids, 1 as thisMonthInstallmentPayingStatus - from {$table_prefix}loan_installment where is_trash = 0 and MONTH(loan_installment_date) = {$month} and year(loan_installment_date) = {$year} group by loan_ids + from {$table_prefix}loan_installment where is_trash = 0 and MONTH(loan_installment_date) = '{$month}' and year(loan_installment_date) = '{$year}' group by loan_ids ) as thisMonthStatus on loan_id = thisMonthStatus.loan_ids - where loan.is_trash = 0 and loan_borrower = {$emp_id} and loan_installment_starting_from <= '{$year}-{$month}-01' + where loan.is_trash = 0 and loan_borrower = '{$emp_id}' and loan_installment_starting_from <= '{$year}-{$month}-01' and ( loan_paid_amount is null or loan_paid_amount < loan_amount)" - // loan_paid_amount can be NULL on left join if there is no recrods, for that the is null check. - // We can also use HAVING cluese without using is null check. But it will raise a error with full_group_by mode. + // loan_paid_amount can be NULL on left join if there is no records, for that the is null check. + // We can also use HAVING clause without using is null check. But it will raise a error with full_group_by mode. ); // Check if there any Loan Data Exists 
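Review bot: This loan-installment query, including its two explanatory comments, is duplicated character for character in loan-management/ajax.php (@@ -740), so the quoting fix and the typo fix had to be made twice and any future change will have to be as well. Moving the query into a shared helper in core/functions.php, e.g. `getOpenLoansForEmployee(int $emp_id, int $month, int $year)` (name is a suggestion), would leave one place to parameterise. The bundle `where` clause repeated in ajax_pos.php, the marketing files and six stock-management/ajax.php hunks is the same situation. The enclosing function starts before this hunk.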
@@ -3881,7 +3881,7 @@ function(data, status) { left join ( select advance_payment_pay_to, sum(advance_payment_amount) as advance_payment_amount_sum from {$table_prefix}advance_payments where is_trash = 0 group by advance_payment_pay_to ) as get_advance_payments on advance_payment_pay_to = emp_id left join ( select payment_to_employee, sum(payment_amount) as payment_amount_sum from {$table_prefix}payments where is_trash = 0 and payment_type = 'Advance Adjustment' group by payment_to_employee ) as get_payments on payment_to_employee = emp_id left join ( select payments_return_emp_id, sum(payments_return_amount) as payments_return_amount_sum from {$table_prefix}payments_return where is_trash = 0 group by payments_return_emp_id ) as get_advance_return on payments_return_emp_id = emp_id - where emp_id = {$emp_id}" + where emp_id = '{$emp_id}'" )["data"][0]; if( ( $_POST["returnableAdvancePaymentAmount"] + $getEmpAdvancePaymentData["advance_adjust_amount"] ) > $getEmpAdvancePaymentData["advance_paid_amount"] ) { diff --git a/module/loan-management/ajax.php b/module/loan-management/ajax.php index ee50c81..eddb3ab 100644 --- a/module/loan-management/ajax.php +++ b/module/loan-management/ajax.php @@ -266,7 +266,7 @@ * from {$table_prefix}loan as loan left join {$table_prefix}employees on loan_borrower = emp_id - where loan.is_trash = 0 and loan_id = {$loan_id} + where loan.is_trash = 0 and loan_id = '{$loan_id}' " )["data"][0]; 
@@ -740,12 +740,12 @@ function (data, status) { ) as totalPaidAmount on loan_id = totalPaidAmount.loan_ids left join (select loan_ids, 1 as thisMonthInstallmentPayingStatus - from {$table_prefix}loan_installment where is_trash = 0 and MONTH(loan_installment_date) = {$month} and year(loan_installment_date) = {$year} group by loan_ids + from {$table_prefix}loan_installment where is_trash = 0 and MONTH(loan_installment_date) = '{$month}' and year(loan_installment_date) = '{$year}' group by loan_ids ) as thisMonthStatus on loan_id = thisMonthStatus.loan_ids - where loan.is_trash = 0 and loan_borrower = {$emp_id} and loan_installment_starting_from <= '{$year}-{$month}-01' + where loan.is_trash = 0 and loan_borrower = '{$emp_id}' and loan_installment_starting_from <= '{$year}-{$month}-01' and ( loan_paid_amount is null or loan_paid_amount < loan_amount)" - // loan_paid_amount can be NULL on left join if there is no recrods, for that the is null check. - // We can also use HAVING cluese without using is null check. But it will raise a error with full_group_by mode. + // loan_paid_amount can be NULL on left join if there is no records, for that the is null check. + // We can also use HAVING clause without using is null check. But it will raise a error with full_group_by mode. ); // Check if there any Loan Data Exists diff --git a/module/marketing/add-specimen-copy.php b/module/marketing/add-specimen-copy.php index 6324738..4ecde92 100644 --- a/module/marketing/add-specimen-copy.php +++ b/module/marketing/add-specimen-copy.php @@ -126,7 +126,7 @@ "inner join {$table_prefix}bg_product_items as bg_product on bg_product_id = product_id" ), "where" => array( - "( product.has_sub_product = 1 or product.product_type = 'Bundle' ) and bg_product.is_raw_materials = 0 and product.product_id = {$productId}" + "( product.has_sub_product = 1 or product.product_type = 'Bundle' ) and bg_product.is_raw_materials = 0 and product.product_id = '{$productId}'" ) )); 
diff --git a/module/marketing/edit-specimen-copy.php b/module/marketing/edit-specimen-copy.php index febada9..ca0513b 100644 --- a/module/marketing/edit-specimen-copy.php +++ b/module/marketing/edit-specimen-copy.php @@ -135,7 +135,7 @@ "inner join {$table_prefix}bg_product_items as bg_product on bg_product_id = product_id" ), "where" => array( - "( product.has_sub_product = 1 or product.product_type = 'Bundle' ) and bg_product.is_raw_materials = 0 and product.product_id = {$productId}" + "( product.has_sub_product = 1 or product.product_type = 'Bundle' ) and bg_product.is_raw_materials = 0 and product.product_id = '{$productId}'" ) )); diff --git a/module/marketing/new-sc-distribution.php b/module/marketing/new-sc-distribution.php index 0445483..51e5cfe 100644 --- a/module/marketing/new-sc-distribution.php +++ b/module/marketing/new-sc-distribution.php @@ -104,7 +104,7 @@ "inner join {$table_prefix}bg_product_items as bg_product on bg_product_id = product_id" ), "where" => array( - "( product.has_sub_product = 1 or product.product_type = 'Bundle' ) and bg_product.is_raw_materials = 0 and product.product_id = {$productId}" + "( product.has_sub_product = 1 or product.product_type = 'Bundle' ) and bg_product.is_raw_materials = 0 and product.product_id = '{$productId}'" ) )); diff --git a/module/my-shop/shop-overview.php b/module/my-shop/shop-overview.php index 1b2ee54..a5e742f 100644 --- a/module/my-shop/shop-overview.php +++ b/module/my-shop/shop-overview.php @@ -29,7 +29,7 @@ payment_date, sum(payment_amount) as payment_amount_sum from {$table_prefix}payments - where payment_from = {$accountsId} + where payment_from = '{$accountsId}' group by payment_date ) as get_payments on payment_date = db_date where db_date = CURRENT_DATE diff --git a/module/stock-management/ajax.php b/module/stock-management/ajax.php index 3fdf0c2..561d1cd 100644 --- a/module/stock-management/ajax.php +++ b/module/stock-management/ajax.php 
@@ -175,7 +175,7 @@ ) as product_price on product_price.product_id = bg_item_product_id" ), "where" => array( - "( product.has_sub_product = 1 or product.product_type = 'Bundle' ) and bg_product.is_raw_materials = 0 and product.product_id = {$productId}" + "( product.has_sub_product = 1 or product.product_type = 'Bundle' ) and bg_product.is_raw_materials = 0 and product.product_id = '{$productId}'" ) )); @@ -511,7 +511,7 @@ ) as product_price on product_price.product_id = bg_item_product_id" ), "where" => array( - "( product.has_sub_product = 1 or product.product_type = 'Bundle' ) and bg_product.is_raw_materials = 0 and product.product_id = {$productId}" + "( product.has_sub_product = 1 or product.product_type = 'Bundle' ) and bg_product.is_raw_materials = 0 and product.product_id = '{$productId}'" ) )); @@ -1118,7 +1118,7 @@ ) as product_price on product_price.product_id = bg_item_product_id" ), "where" => array( - "( product.has_sub_product = 1 or product.product_type = 'Bundle' ) and bg_product.is_raw_materials = 0 and product.product_id = {$productId}" + "( product.has_sub_product = 1 or product.product_type = 'Bundle' ) and bg_product.is_raw_materials = 0 and product.product_id = '{$productId}'" ) )); @@ -1651,7 +1651,7 @@ "inner join {$table_prefix}bg_product_items as bg_product on bg_product_id = product_id" ), "where" => array( - "( product.has_sub_product = 1 or product.product_type = 'Bundle' ) and bg_product.is_raw_materials = 0 and product.product_id = {$productId}" + "( product.has_sub_product = 1 or product.product_type = 'Bundle' ) and bg_product.is_raw_materials = 0 and product.product_id = '{$productId}'" ) )); 
@@ -1973,7 +1973,7 @@ ) as product_price on product_price.product_id = bg_item_product_id" ), "where" => array( - "( product.has_sub_product = 1 or product.product_type = 'Bundle' ) and bg_product.is_raw_materials = 0 and product.product_id = {$productId}" + "( product.has_sub_product = 1 or product.product_type = 'Bundle' ) and bg_product.is_raw_materials = 0 and product.product_id = '{$productId}'" ) )); @@ -3287,7 +3287,7 @@ "left join {$table_prefix}products as sub_product on sub_product.product_id = bg_item_product_id" ), "where" => array( - "( product.has_sub_product = 1 or product.product_type = 'Bundle' ) and bg_product.is_raw_materials = 0 and product.product_id = {$productId}" + "( product.has_sub_product = 1 or product.product_type = 'Bundle' ) and bg_product.is_raw_materials = 0 and product.product_id = '{$productId}'" ) ));