Fix value injection

Dennis Eichhorn 2018-02-17 09:18:46 +01:00
parent e90ad9477a
commit f7ebd61f40
4 changed files with 37 additions and 10 deletions


@ -82,6 +82,20 @@ abstract class BuilderAbstract
return $this;
}
/**
* Escape string value
*
* @param string $value Value to escape
*
* @return string
*
* @since 1.0.0
*/
public function quote(string $value) : string
{
return $this->connection->con->quote($value);
}
/**
* Get prefix.
*
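Review bot: `quote()` returns the driver result unchecked, yet if `con` is a PDO instance (as the `quote()` call suggests) `PDO::quote()` returns `false` when the driver does not support quoting; with the declared `string` return type that is a TypeError under strict_types and an empty, unquoted string otherwise, and an empty string spliced into SQL fails silently rather than loudly. Guard it: `$quoted = $this->connection->con->quote($value);` / `if ($quoted === false) { throw new \RuntimeException('Connection driver does not support quoting'); }` / `return $quoted;`. The docblock should also say that the returned string already carries its surrounding quotes, since the new call sites in Grammar concatenate it without adding `valueQuotes`. BuilderAbstract continues outside the hunk.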


@ -256,7 +256,7 @@ class DataMapperAbstract implements DataMapperInterface
/**
* Load.
*
* @param array $objects Objects to load
* @param array ...$objects Objects to load
*
* @return void
*


@ -325,7 +325,7 @@ class Builder extends BuilderAbstract
}
/**
* Parsing to string.
* Parsing to sql string.
*
* @return string
*
@ -336,6 +336,18 @@ class Builder extends BuilderAbstract
return $this->grammar->compileQuery($this);
}
/**
* Parsing to prepared string.
*
* @return string
*
* @since 1.0.0
*/
public function toPrepared() : string
{
return $this->grammar->compilePreparedQuery($this);
}
/**
* Set raw query.
*
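Review bot: The docblock on `toPrepared()` says only "Parsing to prepared string", which does not tell a caller how its output differs from `toSql()` — whether values are emitted as placeholders to be bound separately, or inlined already quoted as `compileValue` does. Propose `* Compile the query to a prepared-statement string; values are left as placeholders and must be bound by the caller.` if that is what `compilePreparedQuery` produces — that method is not part of this diff, so confirm it exists on the grammar. Builder continues outside the hunk.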


@ -297,10 +297,10 @@ class Grammar extends GrammarAbstract
// todo: handle IN(...) as operator
if (isset($element['value'])) {
$expression .= ' ' . strtoupper($element['operator']) . ' ' . $this->compileValue($element['value'], $query->getPrefix());
$expression .= ' ' . strtoupper($element['operator']) . ' ' . $this->compileValue($query, $element['value'], $query->getPrefix());
} else {
$operator = strtoupper($element['operator']) === '=' ? 'IS' : 'IS NOT';
$expression .= ' ' . $operator . ' ' . $this->compileValue($element['value'], $query->getPrefix());
$expression .= ' ' . $operator . ' ' . $this->compileValue($query, $element['value'], $query->getPrefix());
}
return $expression;
@ -315,6 +315,7 @@ class Grammar extends GrammarAbstract
/**
* Compile value.
*
* @param Builder $query Query builder
* @param array|string|\Closure $value Value
* @param string $prefix Prefix in case value is a table
*
@ -324,26 +325,26 @@ class Grammar extends GrammarAbstract
*
* @since 1.0.0
*/
protected function compileValue($value, $prefix = '') : string
protected function compileValue(Builder $query, $value, string $prefix = '') : string
{
if (is_string($value)) {
if (strpos($value, ':') === 0) {
return $value;
}
return $this->valueQuotes . $value . $this->valueQuotes;
return $query->quote($value);
} elseif (is_int($value)) {
return (string) $value;
} elseif (is_array($value)) {
$values = '';
foreach ($value as $val) {
$values .= $this->compileValue($val) . ', ';
$values .= $this->compileValue($query, $val, $prefix) . ', ';
}
return '(' . rtrim($values, ', ') . ')';
} elseif ($value instanceof \DateTime) {
return $this->valueQuotes . $value->format('Y-m-d H:i:s') . $this->valueQuotes;
return $query->quote($value->format('Y-m-d H:i:s'));
} elseif (is_null($value)) {
return 'NULL';
} elseif (is_bool($value)) {
@ -512,7 +513,7 @@ class Grammar extends GrammarAbstract
$vals = '';
foreach ($values as $value) {
$vals .= $this->compileValue($value) . ', ';
$vals .= $this->compileValue($query, $value) . ', ';
}
if ($vals === '') {
@ -540,7 +541,7 @@ class Grammar extends GrammarAbstract
// todo change expressionizeTableColumn to accept single column and create additionl for Columns
$expression = $this->expressionizeTableColumn([$column], $query->getPrefix());
$vals .= $expression . ' = ' . $this->compileValue($value) . ', ';
$vals .= $expression . ' = ' . $this->compileValue($query, $value) . ', ';
}
if ($vals === '') {
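Review bot: The placeholder shortcut on the context line `if (strpos($value, ':') === 0)` still returns any string beginning with ':' verbatim, so a caller-supplied value that happens to start with a colon bypasses the `$query->quote($value)` added two lines below and reaches the SQL unescaped; the commit tightens the quoting but not this pre-check. Restrict the passthrough to the placeholder shape, e.g. `if (preg_match('/^:[A-Za-z_][A-Za-z0-9_]*$/', $value) === 1) { return $value; }`, or better, have the builder mark placeholders with a dedicated type so `compileValue` never has to infer intent from string contents. Two smaller points in the same hunk: the `instanceof \DateTime` branch feeding `$query->quote($value->format('Y-m-d H:i:s'))` skips `\DateTimeImmutable` (`instanceof \DateTimeInterface` covers both), and the `@param` list names `\Closure` while no visible branch handles it — `compileValue` continues past the hunk, so that branch may be further down. The calls in the two later hunks, `$this->compileValue($query, $value)`, still drop `$prefix`, unlike the recursive call `$this->compileValue($query, $val, $prefix)` in the array branch.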