fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

PM-2061

Browse Source 
Resolver las incidencias Very High y High del third Party

Se validaron las incidencias
This commit is contained in:
marcelo.cuiza
2015-04-02 09:44:16 -04:00
parent 245f2118ed
commit d85098ff06
4 changed files with 107 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
gulliver/system/class.dbMaintenance.php
View File

@@ -443,8 +443,16 @@ class DataBaseMaintenance
if (empty( $aTables ))
return false;
printf( "%-70s", "LOCK TABLES" );
if(is_array($aTables)) {
foreach($aTables as $k => $v) {
$aTables[$k] = mysql_real_escape_string($v);
}
}
$sQuery = "LOCK TABLES " . implode( " READ, ", $aTables ) . " READ; ";
$sQuery = $filter->preventSqlInjection($sQuery);
if (@mysql_query( $sQuery )) {
echo " [OK]\n";
return true;

77
gulliver/thirdparty/creole/drivers/pgsql/metadata/PgSQLTableInfo.php vendored
View File

@@ -70,6 +70,17 @@ class PgSQLTableInfo extends TableInfo {
// Get the columns, types, etc.
// Based on code from pgAdmin3 (http://www.pgadmin.org/)
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
$docuroot = explode( '/', $realdocuroot );
array_pop( $docuroot );
$pathhome = implode( '/', $docuroot ) . '/';
array_pop( $docuroot );
$pathTrunk = implode( '/', $docuroot ) . '/';
require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
$filter = new InputFilter();
$this->oid = $filter->validateInput($this->oid, 'int');
$result = pg_query ($this->conn->getResource(), sprintf ("SELECT
att.attname,
att.atttypmod,
@@ -203,6 +214,17 @@ class PgSQLTableInfo extends TableInfo {
{
throw new SQLException ("Invalid domain name [" . $strDomain . "]");
} // if (strlen (trim ($strDomain)) < 1)
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
$docuroot = explode( '/', $realdocuroot );
array_pop( $docuroot );
$pathhome = implode( '/', $docuroot ) . '/';
array_pop( $docuroot );
$pathTrunk = implode( '/', $docuroot ) . '/';
require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
$filter = new InputFilter();
$strDomain = $filter->validateInput($strDomain);
$result = pg_query ($this->conn->getResource(), sprintf ("SELECT
d.typname as domname,
b.typname as basetype,
@@ -244,6 +266,16 @@ class PgSQLTableInfo extends TableInfo {
{
include_once 'creole/metadata/ForeignKeyInfo.php';
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
$docuroot = explode( '/', $realdocuroot );
array_pop( $docuroot );
$pathhome = implode( '/', $docuroot ) . '/';
array_pop( $docuroot );
$pathTrunk = implode( '/', $docuroot ) . '/';
require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
$filter = new InputFilter();
$this->oid = $filter->validateInput($this->oid, 'int');
$result = pg_query ($this->conn->getResource(), sprintf ("SELECT
conname,
confupdtype,
@@ -329,6 +361,16 @@ class PgSQLTableInfo extends TableInfo {
// columns have to be loaded first
if (!$this->colsLoaded) $this->initColumns();
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
$docuroot = explode( '/', $realdocuroot );
array_pop( $docuroot );
$pathhome = implode( '/', $docuroot ) . '/';
array_pop( $docuroot );
$pathTrunk = implode( '/', $docuroot ) . '/';
require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
$filter = new InputFilter();
$this->oid = $filter->validateInput($this->oid, 'int');
$result = pg_query ($this->conn->getResource(), sprintf ("SELECT
DISTINCT ON(cls.relname)
cls.relname as idxname,
@@ -344,6 +386,16 @@ class PgSQLTableInfo extends TableInfo {
throw new SQLException("Could not list indexes keys for table: " . $this->name, pg_last_error($this->conn->getResource()));
}
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
$docuroot = explode( '/', $realdocuroot );
array_pop( $docuroot );
$pathhome = implode( '/', $docuroot ) . '/';
array_pop( $docuroot );
$pathTrunk = implode( '/', $docuroot ) . '/';
require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
$filter = new InputFilter();
$this->oid = $filter->validateInput($this->oid);
while($row = pg_fetch_assoc($result)) {
$name = $row["idxname"];
$unique = ($row["indisunique"] == 't') ? true : false;
@@ -353,6 +405,8 @@ class PgSQLTableInfo extends TableInfo {
$arrColumns = explode (' ', $row['indkey']);
foreach ($arrColumns as $intColNum)
{
$intColNum = $filter->validateInput($intColNum, 'int');
$result2 = pg_query ($this->conn->getResource(), sprintf ("SELECT a.attname
FROM pg_catalog.pg_class c JOIN pg_catalog.pg_attribute a ON a.attrelid = c.oid
WHERE c.oid = '%s' AND a.attnum = %d AND NOT a.attisdropped
@@ -380,6 +434,16 @@ class PgSQLTableInfo extends TableInfo {
// Primary Keys
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
$docuroot = explode( '/', $realdocuroot );
array_pop( $docuroot );
$pathhome = implode( '/', $docuroot ) . '/';
array_pop( $docuroot );
$pathTrunk = implode( '/', $docuroot ) . '/';
require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
$filter = new InputFilter();
$this->oid = $filter->validateInput($this->oid);
$result = pg_query($this->conn->getResource(), sprintf ("SELECT
DISTINCT ON(cls.relname)
cls.relname as idxname,
@@ -396,10 +460,23 @@ class PgSQLTableInfo extends TableInfo {
// Loop through the returned results, grouping the same key_name together
// adding each column for that key.
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
$docuroot = explode( '/', $realdocuroot );
array_pop( $docuroot );
$pathhome = implode( '/', $docuroot ) . '/';
array_pop( $docuroot );
$pathTrunk = implode( '/', $docuroot ) . '/';
require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
$filter = new InputFilter();
$this->oid = $filter->validateInput($this->oid);
while($row = pg_fetch_assoc($result)) {
$arrColumns = explode (' ', $row['indkey']);
foreach ($arrColumns as $intColNum)
{
$intColNum = $filter->validateInput($intColNum, 'int');
$result2 = pg_query ($this->conn->getResource(), sprintf ("SELECT a.attname
FROM pg_catalog.pg_class c JOIN pg_catalog.pg_attribute a ON a.attrelid = c.oid
WHERE c.oid = '%s' AND a.attnum = %d AND NOT a.attisdropped

10
gulliver/thirdparty/creole/drivers/sqlite/metadata/SQLiteTableInfo.php vendored
View File

@@ -105,11 +105,21 @@ class SQLiteTableInfo extends TableInfo {
// columns have to be loaded first
if (!$this->colsLoaded) $this->initColumns();
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
$docuroot = explode( '/', $realdocuroot );
array_pop( $docuroot );
$pathhome = implode( '/', $docuroot ) . '/';
array_pop( $docuroot );
$pathTrunk = implode( '/', $docuroot ) . '/';
require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
$filter = new InputFilter();
$sql = "PRAGMA index_list('".$this->name."')";
$res = sqlite_query($this->conn->getResource(), $sql);
while($row = sqlite_fetch_array($res, SQLITE_ASSOC)) {
$name = $row['name'];
$name = $filter->validateInput($name);
$this->indexes[$name] = new IndexInfo($name);
// get columns for that index

11
gulliver/thirdparty/pear/PEAR/Command/Package.php vendored
View File

@@ -451,6 +451,17 @@ Wrote: /usr/src/redhat/RPMS/i386/PEAR::Net_Socket-1.0-1.i386.rpm
}
$plist = implode(" ", $params);
$cmd = "$php -C -d include_path=$cwd$ps$ip -f $run_tests -- $plist";
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
$docuroot = explode( '/', $realdocuroot );
array_pop( $docuroot );
$pathhome = implode( '/', $docuroot ) . '/';
array_pop( $docuroot );
$pathTrunk = implode( '/', $docuroot ) . '/';
require_once($pathTrunk.'gulliver/system/class.inputfilter.php');
$filter = new InputFilter();
$cmd = $filter->validateInput($cmd);
system($cmd);
return true;
}