fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

very high y high

Browse Source
This commit is contained in:
marcelo.cuiza
2015-05-07 13:17:58 -04:00
parent 70d5de6db5
commit f02c45f6a1
2 changed files with 32 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
gulliver/system/class.dbMaintenance.php
View File

@@ -419,6 +419,15 @@ class DataBaseMaintenance
}
/* execute multi query */
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$arrayQuerys = explode(';',$query);
foreach($arrayQuerys as $v) {
$newQuery[] = $filter->preventSqlInjection($v);
}
$query = implode(';',$newQuery);
if ($mysqli->multi_query( $query )) {
do {
/* store first result set */
@@ -450,7 +459,7 @@ class DataBaseMaintenance
}
}
$sQuery = "LOCK TABLES " . implode( " READ, ", $aTables ) . " READ; ";
$sQuery = 'LOCK TABLES ' . implode( ' READ, ', $aTables ) . ' READ; ';
if (@mysql_query( $filter->preventSqlInjection($sQuery) )) {
echo " [OK]\n";
@@ -622,6 +631,15 @@ class DataBaseMaintenance
}
/* execute multi query */
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$arrayQuerys = explode(';',$query);
foreach($arrayQuerys as $v) {
$newQuery[] = $filter->preventSqlInjection($v);
}
$query = implode(';',$newQuery);
if ($mysqli->multi_query( $query )) {
do {
/* store first result set */

17
gulliver/thirdparty/pear/PEAR/Command/Package.php vendored
View File

@@ -452,6 +452,9 @@ Wrote: /usr/src/redhat/RPMS/i386/PEAR::Net_Socket-1.0-1.i386.rpm
function doRunTests($command, $options, $params)
{
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$cwd = getcwd();
$php = PHP_BINDIR . '/php' . (OS_WINDOWS ? '.exe' : '');
putenv("TEST_PHP_EXECUTABLE=$php");
@@ -465,8 +468,18 @@ Wrote: /usr/src/redhat/RPMS/i386/PEAR::Net_Socket-1.0-1.i386.rpm
}
}
$plist = implode(" ", $params);
$php = $filter->validateInput($php);
$cwd = $filter->validateInput($cwd);
$ps = $filter->validateInput($ps);
$ip = $filter->validateInput($ip);
$run_tests = $filter->validateInput($run_tests);
$plist = $filter->validateInput($plist);
$cmd = $php.' -C -d include_path='.$cwd.$ps.$ip.' -f '.$run_tests.' -- '.$plist;
$cmd = $filter->validateInput($cmd);
if (!class_exists('G')) {
$realdocuroot = str_replace( '\\', '/', $_SERVER['DOCUMENT_ROOT'] );
$docuroot = explode( '/', $realdocuroot );
@@ -477,10 +490,6 @@ Wrote: /usr/src/redhat/RPMS/i386/PEAR::Net_Socket-1.0-1.i386.rpm
require_once($pathTrunk.'gulliver/system/class.g.php');
}
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$cmd = $filter->validateInput($cmd);
system($cmd);
return true;
}