Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix SQL injection #475

Merged
merged 1 commit into from Jan 30, 2020
Merged

Fix SQL injection #475

merged 1 commit into from Jan 30, 2020

Conversation

@shoeper
Copy link
Contributor

shoeper commented Jan 25, 2020

Fixes an SQL injection in fmFirewall.

If interested we can also discuss on how to fix this project wide, as I think it is likely that there are more injections possible.

@shoeper shoeper force-pushed the shoeper:fix branch 3 times, most recently from 3d21f8f to ff2a836 Jan 25, 2020
@shoeper shoeper force-pushed the shoeper:fix branch from ff2a836 to 0692eb8 Jan 25, 2020
@shoeper

This comment has been minimized.

Copy link
Contributor Author

shoeper commented Jan 27, 2020

@WillyXJ WillyXJ merged commit b183850 into WillyXJ:master Jan 30, 2020
Copy link

hendrikb101 left a comment

Not sure if it fixed it though.. I did a brand new installation twice now and can't load Hosts or Networks in the Manager, no error, just doesn't add the entry.

@shoeper

This comment has been minimized.

Copy link
Contributor Author

shoeper commented Feb 25, 2020

I don't think it is related.

To make the project completely free of SQL injections it would be the best to completely migrate to prepared statements.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants
You can’t perform that action at this time.