Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

When administrating users, some input variables are not properly checked #3068

Closed
battery-hue opened this issue Nov 4, 2019 · 2 comments
Closed
Labels
bug Undesired behaviour resolved A fixed issue
Milestone

Comments

@battery-hue
Copy link

Describe the bug
I have enabled 'Log Input Validation Issues'. When i save any of my user's settings (in Console -> Configuration -> Users -> User Settings), this message is logged:

01.Nov.2019 08:30:58 - CMDPHP Input Validation Not Performed for 'id' Backtrace: (/user_admin.php[46]:form_save(), /user_admin.php[612]:get_request_var(), /lib/html_utility.php[346]:html_log_input_error(), /lib/html_validate.php[44]:cacti_debug_backtrace())

To Reproduce
Steps to reproduce the behavior:

  1. Enable Log Input Validation Issues
    2.Nativate to Console -> Configuration -> Users -> [select any user] -> User Settings
  2. Make any change to user's settings
  3. Check logs

Expected behavior
To be able to make change to user settings without failing input validation

Screenshots
If applicable, add screenshots to help explain your problem.

Desktop (please complete the following information):

  • OS: MacOS
  • Browser: Safari
  • Version: 13.0.2

Smartphone (please complete the following information):
N/A

Additional context
I have noticed, on occasion, that my log file has a few "Input Validation Not Performed for 'id' Backtrace: " errors messages. As of this report, I am only able to verify error is triggered when making changes to user settings. I have not yet be able to identify why/when the other errors are triggered.

@netniV
Copy link
Member

netniV commented Nov 4, 2019

A few have been fixed in the dev version so if you have the dev version they may be resolved

@cigamit
Copy link
Member

cigamit commented Nov 9, 2019

Just did a double check, and though although this issue is not there any longer, there were a few cases where there is no pre-validation. This is not a problem due to us using prepared statements, but to keep the log clean, I have corrected them anyway. Commit coming shortly.

cigamit added a commit that referenced this issue Nov 9, 2019
Input Validation Not Performed for id Backtrace: user_admin.php
@cigamit cigamit added this to the v1.2.8 milestone Nov 9, 2019
@cigamit cigamit added bug Undesired behaviour resolved A fixed issue labels Nov 9, 2019
@cigamit cigamit closed this as completed Nov 9, 2019
@netniV netniV changed the title Input Validation Not Performed for id Backtrace: user_admin.php When administrating users, some input variables are not properly checked Dec 7, 2019
@github-actions github-actions bot locked and limited conversation to collaborators Jun 30, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
bug Undesired behaviour resolved A fixed issue
Projects
None yet
Development

No branches or pull requests

3 participants