Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Protector update for PDO SQL sanitizing Close #496 #497

Merged

Conversation

@skenow
Copy link
Contributor

skenow commented Sep 29, 2019

SQL check for PDO was failing and blocking custom blocks with PHP

skenow added 11 commits Aug 8, 2019
Still need to handle removing the preload on uninstall and some mysql
functions in the prefix manager
Fixed test for removing preload during uninstall see #482
Classes were using methods with the same name as the class instead of
__contruct()
The PDO method for invoking Protector's SQL check was flawed and
therefore PHP blocks could not be created or modified. There were some
redundant lines and an invalid return after checking.
@ImpressCMS ImpressCMS deleted a comment from todo bot Sep 29, 2019
@ImpressCMS ImpressCMS deleted a comment from todo bot Sep 29, 2019
@ImpressCMS ImpressCMS deleted a comment from todo bot Sep 29, 2019
@skenow

This comment has been minimized.

Copy link
Contributor Author

skenow commented Sep 29, 2019

This may need to have some of the previous code added back in - trying to following all the logic

@ImpressCMS ImpressCMS deleted a comment from todo bot Oct 2, 2019
@ImpressCMS ImpressCMS deleted a comment from todo bot Oct 2, 2019
@ImpressCMS ImpressCMS deleted a comment from todo bot Oct 2, 2019
@skenow

This comment has been minimized.

Copy link
Owner Author

skenow commented on d2db44c Oct 2, 2019

I'm confident this is the closest to the original Protector tests in mysql, implemented for PDO

@skenow skenow requested review from fiammybe and MekDrop Oct 8, 2019
@MekDrop MekDrop added the enhancement label Oct 8, 2019
@MekDrop MekDrop added this to In progress in v1.4.x via automation Oct 8, 2019
@MekDrop MekDrop added this to the 1.4.0 milestone Oct 8, 2019
@MekDrop
MekDrop approved these changes Oct 8, 2019
It seems to be used somewhere during installation
@ImpressCMS ImpressCMS deleted a comment from todo bot Oct 8, 2019
@ImpressCMS ImpressCMS deleted a comment from todo bot Oct 8, 2019
@ImpressCMS ImpressCMS deleted a comment from todo bot Oct 8, 2019
@MekDrop MekDrop merged commit f7de285 into ImpressCMS:branches/impresscms_1.4 Oct 8, 2019
2 checks passed
2 checks passed
AccessLint Review complete
WIP Ready for review
Details
v1.4.x automation moved this from In progress to Done Oct 8, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
v1.4.x
  
Done
3 participants
You can’t perform that action at this time.