PM-2061
Resolver las incidencias Very High y High del third Party Se validaron las incidencias
This commit is contained in:
marcelo.cuiza
@@ -443,8 +443,16 @@ class DataBaseMaintenance
|
|||||||
if (empty( $aTables ))
|
if (empty( $aTables ))
|
||||||
return false;
|
return false;
|
||||||
printf( "%-70s", "LOCK TABLES" );
|
printf( "%-70s", "LOCK TABLES" );
|
||||||
|
|
||||||
|
if(is_array($aTables)) {
|
||||||
|
foreach($aTables as $k => $v) {
|
||||||
|
$aTables[$k] = mysql_real_escape_string($v);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
$sQuery = "LOCK TABLES " . implode( " READ, ", $aTables ) . " READ; ";
|
$sQuery = "LOCK TABLES " . implode( " READ, ", $aTables ) . " READ; ";
|
||||||
$sQuery = $filter->preventSqlInjection($sQuery);
|
$sQuery = $filter->preventSqlInjection($sQuery);
|
||||||
|
|
||||||
if (@mysql_query( $sQuery )) {
|
if (@mysql_query( $sQuery )) {
|
||||||
echo " [OK]\n";
|
echo " [OK]\n";
|
||||||
return true;
|
return true;
|
||||||
|
|||||||
@@ -70,6 +70,17 @@ class PgSQLTableInfo extends TableInfo {
|
|||||||
|
|
||||||
// Get the columns, types, etc.
|
// Get the columns, types, etc.
|
||||||
// Based on code from pgAdmin3 (http://www.pgadmin.org/)
|
// Based on code from pgAdmin3 (http://www.pgadmin.org/)
|
||||||
|
|
||||||
|
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
|
||||||
|
$docuroot = explode( '/', $realdocuroot );
|
||||||
|
array_pop( $docuroot );
|
||||||
|
$pathhome = implode( '/', $docuroot ) . '/';
|
||||||
|
array_pop( $docuroot );
|
||||||
|
$pathTrunk = implode( '/', $docuroot ) . '/';
|
||||||
|
require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
|
||||||
|
$filter = new InputFilter();
|
||||||
|
$this->oid = $filter->validateInput($this->oid, 'int');
|
||||||
|
|
||||||
$result = pg_query ($this->conn->getResource(), sprintf ("SELECT
|
$result = pg_query ($this->conn->getResource(), sprintf ("SELECT
|
||||||
att.attname,
|
att.attname,
|
||||||
att.atttypmod,
|
att.atttypmod,
|
||||||
@@ -203,6 +214,17 @@ class PgSQLTableInfo extends TableInfo {
|
|||||||
{
|
{
|
||||||
throw new SQLException ("Invalid domain name [" . $strDomain . "]");
|
throw new SQLException ("Invalid domain name [" . $strDomain . "]");
|
||||||
} // if (strlen (trim ($strDomain)) < 1)
|
} // if (strlen (trim ($strDomain)) < 1)
|
||||||
|
|
||||||
|
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
|
||||||
|
$docuroot = explode( '/', $realdocuroot );
|
||||||
|
array_pop( $docuroot );
|
||||||
|
$pathhome = implode( '/', $docuroot ) . '/';
|
||||||
|
array_pop( $docuroot );
|
||||||
|
$pathTrunk = implode( '/', $docuroot ) . '/';
|
||||||
|
require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
|
||||||
|
$filter = new InputFilter();
|
||||||
|
$strDomain = $filter->validateInput($strDomain);
|
||||||
|
|
||||||
$result = pg_query ($this->conn->getResource(), sprintf ("SELECT
|
$result = pg_query ($this->conn->getResource(), sprintf ("SELECT
|
||||||
d.typname as domname,
|
d.typname as domname,
|
||||||
b.typname as basetype,
|
b.typname as basetype,
|
||||||
@@ -243,6 +265,16 @@ class PgSQLTableInfo extends TableInfo {
|
|||||||
protected function initForeignKeys()
|
protected function initForeignKeys()
|
||||||
{
|
{
|
||||||
include_once 'creole/metadata/ForeignKeyInfo.php';
|
include_once 'creole/metadata/ForeignKeyInfo.php';
|
||||||
|
|
||||||
|
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
|
||||||
|
$docuroot = explode( '/', $realdocuroot );
|
||||||
|
array_pop( $docuroot );
|
||||||
|
$pathhome = implode( '/', $docuroot ) . '/';
|
||||||
|
array_pop( $docuroot );
|
||||||
|
$pathTrunk = implode( '/', $docuroot ) . '/';
|
||||||
|
require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
|
||||||
|
$filter = new InputFilter();
|
||||||
|
$this->oid = $filter->validateInput($this->oid, 'int');
|
||||||
|
|
||||||
$result = pg_query ($this->conn->getResource(), sprintf ("SELECT
|
$result = pg_query ($this->conn->getResource(), sprintf ("SELECT
|
||||||
conname,
|
conname,
|
||||||
@@ -328,6 +360,16 @@ class PgSQLTableInfo extends TableInfo {
|
|||||||
|
|
||||||
// columns have to be loaded first
|
// columns have to be loaded first
|
||||||
if (!$this->colsLoaded) $this->initColumns();
|
if (!$this->colsLoaded) $this->initColumns();
|
||||||
|
|
||||||
|
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
|
||||||
|
$docuroot = explode( '/', $realdocuroot );
|
||||||
|
array_pop( $docuroot );
|
||||||
|
$pathhome = implode( '/', $docuroot ) . '/';
|
||||||
|
array_pop( $docuroot );
|
||||||
|
$pathTrunk = implode( '/', $docuroot ) . '/';
|
||||||
|
require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
|
||||||
|
$filter = new InputFilter();
|
||||||
|
$this->oid = $filter->validateInput($this->oid, 'int');
|
||||||
|
|
||||||
$result = pg_query ($this->conn->getResource(), sprintf ("SELECT
|
$result = pg_query ($this->conn->getResource(), sprintf ("SELECT
|
||||||
DISTINCT ON(cls.relname)
|
DISTINCT ON(cls.relname)
|
||||||
@@ -343,6 +385,16 @@ class PgSQLTableInfo extends TableInfo {
|
|||||||
if (!$result) {
|
if (!$result) {
|
||||||
throw new SQLException("Could not list indexes keys for table: " . $this->name, pg_last_error($this->conn->getResource()));
|
throw new SQLException("Could not list indexes keys for table: " . $this->name, pg_last_error($this->conn->getResource()));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
|
||||||
|
$docuroot = explode( '/', $realdocuroot );
|
||||||
|
array_pop( $docuroot );
|
||||||
|
$pathhome = implode( '/', $docuroot ) . '/';
|
||||||
|
array_pop( $docuroot );
|
||||||
|
$pathTrunk = implode( '/', $docuroot ) . '/';
|
||||||
|
require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
|
||||||
|
$filter = new InputFilter();
|
||||||
|
$this->oid = $filter->validateInput($this->oid);
|
||||||
|
|
||||||
while($row = pg_fetch_assoc($result)) {
|
while($row = pg_fetch_assoc($result)) {
|
||||||
$name = $row["idxname"];
|
$name = $row["idxname"];
|
||||||
@@ -353,6 +405,8 @@ class PgSQLTableInfo extends TableInfo {
|
|||||||
$arrColumns = explode (' ', $row['indkey']);
|
$arrColumns = explode (' ', $row['indkey']);
|
||||||
foreach ($arrColumns as $intColNum)
|
foreach ($arrColumns as $intColNum)
|
||||||
{
|
{
|
||||||
|
$intColNum = $filter->validateInput($intColNum, 'int');
|
||||||
|
|
||||||
$result2 = pg_query ($this->conn->getResource(), sprintf ("SELECT a.attname
|
$result2 = pg_query ($this->conn->getResource(), sprintf ("SELECT a.attname
|
||||||
FROM pg_catalog.pg_class c JOIN pg_catalog.pg_attribute a ON a.attrelid = c.oid
|
FROM pg_catalog.pg_class c JOIN pg_catalog.pg_attribute a ON a.attrelid = c.oid
|
||||||
WHERE c.oid = '%s' AND a.attnum = %d AND NOT a.attisdropped
|
WHERE c.oid = '%s' AND a.attnum = %d AND NOT a.attisdropped
|
||||||
@@ -380,6 +434,16 @@ class PgSQLTableInfo extends TableInfo {
|
|||||||
|
|
||||||
// Primary Keys
|
// Primary Keys
|
||||||
|
|
||||||
|
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
|
||||||
|
$docuroot = explode( '/', $realdocuroot );
|
||||||
|
array_pop( $docuroot );
|
||||||
|
$pathhome = implode( '/', $docuroot ) . '/';
|
||||||
|
array_pop( $docuroot );
|
||||||
|
$pathTrunk = implode( '/', $docuroot ) . '/';
|
||||||
|
require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
|
||||||
|
$filter = new InputFilter();
|
||||||
|
$this->oid = $filter->validateInput($this->oid);
|
||||||
|
|
||||||
$result = pg_query($this->conn->getResource(), sprintf ("SELECT
|
$result = pg_query($this->conn->getResource(), sprintf ("SELECT
|
||||||
DISTINCT ON(cls.relname)
|
DISTINCT ON(cls.relname)
|
||||||
cls.relname as idxname,
|
cls.relname as idxname,
|
||||||
@@ -395,11 +459,24 @@ class PgSQLTableInfo extends TableInfo {
|
|||||||
|
|
||||||
// Loop through the returned results, grouping the same key_name together
|
// Loop through the returned results, grouping the same key_name together
|
||||||
// adding each column for that key.
|
// adding each column for that key.
|
||||||
|
|
||||||
|
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
|
||||||
|
$docuroot = explode( '/', $realdocuroot );
|
||||||
|
array_pop( $docuroot );
|
||||||
|
$pathhome = implode( '/', $docuroot ) . '/';
|
||||||
|
array_pop( $docuroot );
|
||||||
|
$pathTrunk = implode( '/', $docuroot ) . '/';
|
||||||
|
require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
|
||||||
|
$filter = new InputFilter();
|
||||||
|
$this->oid = $filter->validateInput($this->oid);
|
||||||
|
|
||||||
|
|
||||||
while($row = pg_fetch_assoc($result)) {
|
while($row = pg_fetch_assoc($result)) {
|
||||||
$arrColumns = explode (' ', $row['indkey']);
|
$arrColumns = explode (' ', $row['indkey']);
|
||||||
foreach ($arrColumns as $intColNum)
|
foreach ($arrColumns as $intColNum)
|
||||||
{
|
{
|
||||||
|
$intColNum = $filter->validateInput($intColNum, 'int');
|
||||||
|
|
||||||
$result2 = pg_query ($this->conn->getResource(), sprintf ("SELECT a.attname
|
$result2 = pg_query ($this->conn->getResource(), sprintf ("SELECT a.attname
|
||||||
FROM pg_catalog.pg_class c JOIN pg_catalog.pg_attribute a ON a.attrelid = c.oid
|
FROM pg_catalog.pg_class c JOIN pg_catalog.pg_attribute a ON a.attrelid = c.oid
|
||||||
WHERE c.oid = '%s' AND a.attnum = %d AND NOT a.attisdropped
|
WHERE c.oid = '%s' AND a.attnum = %d AND NOT a.attisdropped
|
||||||
|
|||||||
@@ -103,13 +103,23 @@ class SQLiteTableInfo extends TableInfo {
|
|||||||
include_once 'creole/metadata/IndexInfo.php';
|
include_once 'creole/metadata/IndexInfo.php';
|
||||||
|
|
||||||
// columns have to be loaded first
|
// columns have to be loaded first
|
||||||
if (!$this->colsLoaded) $this->initColumns();
|
if (!$this->colsLoaded) $this->initColumns();
|
||||||
|
|
||||||
|
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
|
||||||
|
$docuroot = explode( '/', $realdocuroot );
|
||||||
|
array_pop( $docuroot );
|
||||||
|
$pathhome = implode( '/', $docuroot ) . '/';
|
||||||
|
array_pop( $docuroot );
|
||||||
|
$pathTrunk = implode( '/', $docuroot ) . '/';
|
||||||
|
require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
|
||||||
|
$filter = new InputFilter();
|
||||||
|
|
||||||
$sql = "PRAGMA index_list('".$this->name."')";
|
$sql = "PRAGMA index_list('".$this->name."')";
|
||||||
$res = sqlite_query($this->conn->getResource(), $sql);
|
$res = sqlite_query($this->conn->getResource(), $sql);
|
||||||
|
|
||||||
while($row = sqlite_fetch_array($res, SQLITE_ASSOC)) {
|
while($row = sqlite_fetch_array($res, SQLITE_ASSOC)) {
|
||||||
$name = $row['name'];
|
$name = $row['name'];
|
||||||
|
$name = $filter->validateInput($name);
|
||||||
$this->indexes[$name] = new IndexInfo($name);
|
$this->indexes[$name] = new IndexInfo($name);
|
||||||
|
|
||||||
// get columns for that index
|
// get columns for that index
|
||||||
|
|||||||
@@ -451,6 +451,17 @@ Wrote: /usr/src/redhat/RPMS/i386/PEAR::Net_Socket-1.0-1.i386.rpm
|
|||||||
}
|
}
|
||||||
$plist = implode(" ", $params);
|
$plist = implode(" ", $params);
|
||||||
$cmd = "$php -C -d include_path=$cwd$ps$ip -f $run_tests -- $plist";
|
$cmd = "$php -C -d include_path=$cwd$ps$ip -f $run_tests -- $plist";
|
||||||
|
|
||||||
|
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
|
||||||
|
$docuroot = explode( '/', $realdocuroot );
|
||||||
|
array_pop( $docuroot );
|
||||||
|
$pathhome = implode( '/', $docuroot ) . '/';
|
||||||
|
array_pop( $docuroot );
|
||||||
|
$pathTrunk = implode( '/', $docuroot ) . '/';
|
||||||
|
require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
|
||||||
|
$filter = new InputFilter();
|
||||||
|
$cmd = $filter->validateInput($cmd);
|
||||||
|
|
||||||
system($cmd);
|
system($cmd);
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user