Skip to content
This repository has been archived by the owner on Dec 13, 2022. It is now read-only.

fix(test): fix random fails on virtual metric test #11524

Merged
merged 3 commits into from
Aug 5, 2022
Merged

fix(test): fix random fails on virtual metric test #11524

merged 3 commits into from
Aug 5, 2022

Conversation

kduret
Copy link
Contributor

@kduret kduret commented Aug 5, 2022

Description

fix random fails on virtual metric test

Fixes MON-14359

Type of change

  • Patch fixing an issue (non-breaking change)
  • New functionality (non-breaking change)
  • Breaking change (patch or feature) that might cause side effects breaking part of the Software

Target serie

  • 21.04.x
  • 21.10.x
  • 22.04.x
  • 22.10.x (master)

@kduret kduret requested review from a team, TamazC and dmyios and removed request for a team August 5, 2022 09:28
@sonarqube-decoration
Copy link

SonarQube Quality Gate

Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@kduret kduret merged commit 8f426cf into dev-21.10.x Aug 5, 2022
@kduret kduret deleted the MON-14359-test-21.10 branch August 5, 2022 13:35
chgautier added a commit that referenced this pull request Aug 26, 2022
@chgautier @kduret
@emabassi-ext @vhsantos @hyahiaoui-ext @jeremyjaouen @sc979 @s-duret @a-launois @dmyios
chore(release): merge release 21.10.9 into 21.10.x (#11628)
a63aa87 
* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
@chgautier chgautier mentioned this pull request Aug 26, 2022
Merged
4 tasks
chgautier added a commit that referenced this pull request Aug 26, 2022
@chgautier @kduret
@emabassi-ext @vhsantos @hyahiaoui-ext @jeremyjaouen @sc979 @s-duret @a-launois @dmyios
chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)
3d7dc9b 
* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
tuntoja added a commit that referenced this pull request Sep 21, 2022
@tuntoja @kduret
@emabassi-ext @vhsantos @hyahiaoui-ext @jeremyjaouen @sc979 @s-duret @a-launois @chgautier @dmyios @TamazC @adr-mo @callapa
chore(release): merge release-21.10.next into 21.10.x (#11820)
640435a 
* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>
tuntoja added a commit that referenced this pull request Sep 21, 2022
@tuntoja @chgautier
@kduret @emabassi-ext @vhsantos @hyahiaoui-ext @jeremyjaouen @sc979 @s-duret @a-launois @dmyios @TamazC @adr-mo @callapa
Rebase dev2110x on 2110x (#11825)
4422b96 
* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>
tuntoja added a commit that referenced this pull request Oct 3, 2022
@tuntoja @kduret
@emabassi-ext @vhsantos @hyahiaoui-ext @jeremyjaouen @sc979 @s-duret @a-launois @chgautier @dmyios @TamazC @adr-mo @callapa
chore(release): merge release-21.10.next into 21.10.x (#11910)
59a70af 
* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

* Rebase dev2110x on 2110x (#11825)

* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* Fix: Remove obsolete code in ACL configuration listing (#11793)

* [Fix]: Sanitize and bind service by hostgroups listing (#11795)

* sanitize nad bind service by hostgroups listing

* fix exceeded linee

* Fix : Sanitize and bind centreon hostgroups class (#11800)

* Fix: Sanitize and bind CLAPI Centreon Hostgroup class (#11802)

* Fix: Sanitize and bind host category listing  (#11805)

* fix(conf/export) broker RRDcacheD export (#11811) (#11834)

* FIX: SQLi in poller's broker configuration 21.10.x (#11778)

* sanitize and bind pollers broker config queries

* applying suggested changes

* FIX: Sanitize and bind default configuration queries 21.10.x (#11787)

* FIX: Sanitize and bind Centreon Notification class 21.10.x (#11792)

* FIX: Sanitize and bind Centreon Notification class (#11757)

* Update www/class/centreonNotification.class.php

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

* FIX: Sanitize and bind LDAP CLAPI listing 21.10.x (#11797)

* sanitize and bind clapi LDAP listing

* removing unecessary code

* FIX: Sanitize and bind service listing 21.10.x (#11801)

* sanitizing and binding service listing queries

* removing var casting

* FIX: Sanitize and bind SNMP Traps groups configuration 21.10.x (#11807)

* Fix: Sanitize and bind Media import (#11788)

* Fix: Remove obsolete code in monitoring common functions  (#11844)

* Fix: Sanitize and bind SNMP Traps listing  (#11842)

* Fix: Remove obsolete code in Criticality class  (#11841)

* remove obsolete function getHostTplCriticality in criticality class

* Update www/class/centreonCriticality.class.php

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

* Fix: Sanitize and bind CALPI Centreon service class  (#11836)

* sanitize and bine clapi centreon service class

* Update www/class/centreon-clapi/centreonService.class.php

space added into query

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* FIX: Remove unused mechanism for modules to add restart/reload actions after restart of pollers 21.10.x (#11855)

* removing obsolet code

* removing more useless code

* FIX: Removing unused code and fixing bug of generating csv in multiple periods graphs 21.10.x (#11857)

* FIX: Sanitize and bind Knowledge Base host listing 21.10.x (#11859)

* Fix: Remove obsolete code in database partitioning functions (#11839)

* FIX: Sanitize and bind Centreon Service class 21.10.x (#11865)

* sanitize and bind service class queries and fix bug mediawiki links

* fixing links host templates mediawiki

* backport MON-14223 -> dev-21.10.x (#11863)

* FIX: SQLi in contact groups form 21.10.x (#11875)

* Fix: Remove obsolete code in legacy service detail page (#11848) (#11880)

* Remove obsolete code in legacy service detail page

* restore deleted code

* remove obsolete code in legacy service detail page and query sanitizeÃ

* Fix: Sanitize and bind menu topology listing (#11832) (#11883)

* sanitize and bind menu topology listing

* fix bug in query closing

* editing TopologyRepositoryTest file and change the query

* typo

* chore(release): update version to 21.10.11

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>
tuntoja added a commit that referenced this pull request Oct 3, 2022
@tuntoja @chgautier
@kduret @emabassi-ext @vhsantos @hyahiaoui-ext @jeremyjaouen @sc979 @s-duret @a-launois @dmyios @TamazC @adr-mo @callapa
Rebase dev2110x on 2110x (#11825)
c3a94b7 
* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>
tuntoja added a commit that referenced this pull request Oct 3, 2022
@tuntoja @chgautier
@kduret @emabassi-ext @vhsantos @hyahiaoui-ext @jeremyjaouen @sc979 @s-duret @a-launois @dmyios @TamazC @adr-mo @callapa
Rebase dev2110x on 2110x (#11915)
7b32236 
* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* chore(release): merge release-21.10.next into 21.10.x (#11910)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

* Rebase dev2110x on 2110x (#11825)

* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* Fix: Remove obsolete code in ACL configuration listing (#11793)

* [Fix]: Sanitize and bind service by hostgroups listing (#11795)

* sanitize nad bind service by hostgroups listing

* fix exceeded linee

* Fix : Sanitize and bind centreon hostgroups class (#11800)

* Fix: Sanitize and bind CLAPI Centreon Hostgroup class (#11802)

* Fix: Sanitize and bind host category listing  (#11805)

* fix(conf/export) broker RRDcacheD export (#11811) (#11834)

* FIX: SQLi in poller's broker configuration 21.10.x (#11778)

* sanitize and bind pollers broker config queries

* applying suggested changes

* FIX: Sanitize and bind default configuration queries 21.10.x (#11787)

* FIX: Sanitize and bind Centreon Notification class 21.10.x (#11792)

* FIX: Sanitize and bind Centreon Notification class (#11757)

* Update www/class/centreonNotification.class.php

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

* FIX: Sanitize and bind LDAP CLAPI listing 21.10.x (#11797)

* sanitize and bind clapi LDAP listing

* removing unecessary code

* FIX: Sanitize and bind service listing 21.10.x (#11801)

* sanitizing and binding service listing queries

* removing var casting

* FIX: Sanitize and bind SNMP Traps groups configuration 21.10.x (#11807)

* Fix: Sanitize and bind Media import (#11788)

* Fix: Remove obsolete code in monitoring common functions  (#11844)

* Fix: Sanitize and bind SNMP Traps listing  (#11842)

* Fix: Remove obsolete code in Criticality class  (#11841)

* remove obsolete function getHostTplCriticality in criticality class

* Update www/class/centreonCriticality.class.php

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

* Fix: Sanitize and bind CALPI Centreon service class  (#11836)

* sanitize and bine clapi centreon service class

* Update www/class/centreon-clapi/centreonService.class.php

space added into query

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* FIX: Remove unused mechanism for modules to add restart/reload actions after restart of pollers 21.10.x (#11855)

* removing obsolet code

* removing more useless code

* FIX: Removing unused code and fixing bug of generating csv in multiple periods graphs 21.10.x (#11857)

* FIX: Sanitize and bind Knowledge Base host listing 21.10.x (#11859)

* Fix: Remove obsolete code in database partitioning functions (#11839)

* FIX: Sanitize and bind Centreon Service class 21.10.x (#11865)

* sanitize and bind service class queries and fix bug mediawiki links

* fixing links host templates mediawiki

* backport MON-14223 -> dev-21.10.x (#11863)

* FIX: SQLi in contact groups form 21.10.x (#11875)

* Fix: Remove obsolete code in legacy service detail page (#11848) (#11880)

* Remove obsolete code in legacy service detail page

* restore deleted code

* remove obsolete code in legacy service detail page and query sanitizeÃ

* Fix: Sanitize and bind menu topology listing (#11832) (#11883)

* sanitize and bind menu topology listing

* fix bug in query closing

* editing TopologyRepositoryTest file and change the query

* typo

* chore(release): update version to 21.10.11

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* Rebase dev2110x on 2110x (#11825)

* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* FIX: Removing unused code and fixing bug of generating csv in multiple periods graphs 21.10.x (#11857)

Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>
TamazC added a commit that referenced this pull request Oct 3, 2022
@TamazC @s-duret
@kduret @tuntoja @chgautier @emabassi-ext @vhsantos @hyahiaoui-ext @jeremyjaouen @sc979 @a-launois @dmyios @adr-mo @callapa
fix(web): display command with status$ in the command definition (#11… (
08f8764 
#11885)

* fix(web): display command with status$ in the command definition (#11286)

* fix(web): display command with status$ in the command definition

* Update src/Centreon/Domain/Monitoring/CommandLineTrait.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

* Update unit test

* Fix regex replacement in macros command

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Tamaz Cheishvili <tamazc@yahoo.com>

* Rebase dev2110x on 2110x (#11915)

* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* chore(release): merge release-21.10.next into 21.10.x (#11910)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

* Rebase dev2110x on 2110x (#11825)

* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* Fix: Remove obsolete code in ACL configuration listing (#11793)

* [Fix]: Sanitize and bind service by hostgroups listing (#11795)

* sanitize nad bind service by hostgroups listing

* fix exceeded linee

* Fix : Sanitize and bind centreon hostgroups class (#11800)

* Fix: Sanitize and bind CLAPI Centreon Hostgroup class (#11802)

* Fix: Sanitize and bind host category listing  (#11805)

* fix(conf/export) broker RRDcacheD export (#11811) (#11834)

* FIX: SQLi in poller's broker configuration 21.10.x (#11778)

* sanitize and bind pollers broker config queries

* applying suggested changes

* FIX: Sanitize and bind default configuration queries 21.10.x (#11787)

* FIX: Sanitize and bind Centreon Notification class 21.10.x (#11792)

* FIX: Sanitize and bind Centreon Notification class (#11757)

* Update www/class/centreonNotification.class.php

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

* FIX: Sanitize and bind LDAP CLAPI listing 21.10.x (#11797)

* sanitize and bind clapi LDAP listing

* removing unecessary code

* FIX: Sanitize and bind service listing 21.10.x (#11801)

* sanitizing and binding service listing queries

* removing var casting

* FIX: Sanitize and bind SNMP Traps groups configuration 21.10.x (#11807)

* Fix: Sanitize and bind Media import (#11788)

* Fix: Remove obsolete code in monitoring common functions  (#11844)

* Fix: Sanitize and bind SNMP Traps listing  (#11842)

* Fix: Remove obsolete code in Criticality class  (#11841)

* remove obsolete function getHostTplCriticality in criticality class

* Update www/class/centreonCriticality.class.php

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

* Fix: Sanitize and bind CALPI Centreon service class  (#11836)

* sanitize and bine clapi centreon service class

* Update www/class/centreon-clapi/centreonService.class.php

space added into query

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* FIX: Remove unused mechanism for modules to add restart/reload actions after restart of pollers 21.10.x (#11855)

* removing obsolet code

* removing more useless code

* FIX: Removing unused code and fixing bug of generating csv in multiple periods graphs 21.10.x (#11857)

* FIX: Sanitize and bind Knowledge Base host listing 21.10.x (#11859)

* Fix: Remove obsolete code in database partitioning functions (#11839)

* FIX: Sanitize and bind Centreon Service class 21.10.x (#11865)

* sanitize and bind service class queries and fix bug mediawiki links

* fixing links host templates mediawiki

* backport MON-14223 -> dev-21.10.x (#11863)

* FIX: SQLi in contact groups form 21.10.x (#11875)

* Fix: Remove obsolete code in legacy service detail page (#11848) (#11880)

* Remove obsolete code in legacy service detail page

* restore deleted code

* remove obsolete code in legacy service detail page and query sanitizeÃ

* Fix: Sanitize and bind menu topology listing (#11832) (#11883)

* sanitize and bind menu topology listing

* fix bug in query closing

* editing TopologyRepositoryTest file and change the query

* typo

* chore(release): update version to 21.10.11

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* Rebase dev2110x on 2110x (#11825)

* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* FIX: Removing unused code and fixing bug of generating csv in multiple periods graphs 21.10.x (#11857)

Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* fix(web): display command with status$ in the command definition (#11286)

* fix(web): display command with status$ in the command definition

* Update src/Centreon/Domain/Monitoring/CommandLineTrait.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

* Update unit test

* Fix regex replacement in macros command

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Tamaz Cheishvili <tamazc@yahoo.com>

Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: tuntoja <58987095+tuntoja@users.noreply.github.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>
tuntoja added a commit that referenced this pull request Oct 7, 2022
@tuntoja @chgautier
@kduret @emabassi-ext @vhsantos @hyahiaoui-ext @jeremyjaouen @sc979 @s-duret @a-launois @dmyios @TamazC @adr-mo @callapa
Rebase dev2110x on 2110x (#11825)
005d85e 
* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>
tuntoja added a commit that referenced this pull request Oct 7, 2022
@TamazC @s-duret
@kduret @tuntoja @chgautier @emabassi-ext @vhsantos @hyahiaoui-ext @jeremyjaouen @sc979 @a-launois @dmyios @adr-mo @callapa
fix(web): display command with status$ in the command definition (#11… (
5fa1d09 
#11885)

* fix(web): display command with status$ in the command definition (#11286)

* fix(web): display command with status$ in the command definition

* Update src/Centreon/Domain/Monitoring/CommandLineTrait.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

* Update unit test

* Fix regex replacement in macros command

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Tamaz Cheishvili <tamazc@yahoo.com>

* Rebase dev2110x on 2110x (#11915)

* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* chore(release): merge release-21.10.next into 21.10.x (#11910)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

* Rebase dev2110x on 2110x (#11825)

* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* Fix: Remove obsolete code in ACL configuration listing (#11793)

* [Fix]: Sanitize and bind service by hostgroups listing (#11795)

* sanitize nad bind service by hostgroups listing

* fix exceeded linee

* Fix : Sanitize and bind centreon hostgroups class (#11800)

* Fix: Sanitize and bind CLAPI Centreon Hostgroup class (#11802)

* Fix: Sanitize and bind host category listing  (#11805)

* fix(conf/export) broker RRDcacheD export (#11811) (#11834)

* FIX: SQLi in poller's broker configuration 21.10.x (#11778)

* sanitize and bind pollers broker config queries

* applying suggested changes

* FIX: Sanitize and bind default configuration queries 21.10.x (#11787)

* FIX: Sanitize and bind Centreon Notification class 21.10.x (#11792)

* FIX: Sanitize and bind Centreon Notification class (#11757)

* Update www/class/centreonNotification.class.php

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

* FIX: Sanitize and bind LDAP CLAPI listing 21.10.x (#11797)

* sanitize and bind clapi LDAP listing

* removing unecessary code

* FIX: Sanitize and bind service listing 21.10.x (#11801)

* sanitizing and binding service listing queries

* removing var casting

* FIX: Sanitize and bind SNMP Traps groups configuration 21.10.x (#11807)

* Fix: Sanitize and bind Media import (#11788)

* Fix: Remove obsolete code in monitoring common functions  (#11844)

* Fix: Sanitize and bind SNMP Traps listing  (#11842)

* Fix: Remove obsolete code in Criticality class  (#11841)

* remove obsolete function getHostTplCriticality in criticality class

* Update www/class/centreonCriticality.class.php

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

* Fix: Sanitize and bind CALPI Centreon service class  (#11836)

* sanitize and bine clapi centreon service class

* Update www/class/centreon-clapi/centreonService.class.php

space added into query

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* FIX: Remove unused mechanism for modules to add restart/reload actions after restart of pollers 21.10.x (#11855)

* removing obsolet code

* removing more useless code

* FIX: Removing unused code and fixing bug of generating csv in multiple periods graphs 21.10.x (#11857)

* FIX: Sanitize and bind Knowledge Base host listing 21.10.x (#11859)

* Fix: Remove obsolete code in database partitioning functions (#11839)

* FIX: Sanitize and bind Centreon Service class 21.10.x (#11865)

* sanitize and bind service class queries and fix bug mediawiki links

* fixing links host templates mediawiki

* backport MON-14223 -> dev-21.10.x (#11863)

* FIX: SQLi in contact groups form 21.10.x (#11875)

* Fix: Remove obsolete code in legacy service detail page (#11848) (#11880)

* Remove obsolete code in legacy service detail page

* restore deleted code

* remove obsolete code in legacy service detail page and query sanitizeÃ

* Fix: Sanitize and bind menu topology listing (#11832) (#11883)

* sanitize and bind menu topology listing

* fix bug in query closing

* editing TopologyRepositoryTest file and change the query

* typo

* chore(release): update version to 21.10.11

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* Rebase dev2110x on 2110x (#11825)

* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* FIX: Removing unused code and fixing bug of generating csv in multiple periods graphs 21.10.x (#11857)

Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* fix(web): display command with status$ in the command definition (#11286)

* fix(web): display command with status$ in the command definition

* Update src/Centreon/Domain/Monitoring/CommandLineTrait.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

* Update unit test

* Fix regex replacement in macros command

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Tamaz Cheishvili <tamazc@yahoo.com>

Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: tuntoja <58987095+tuntoja@users.noreply.github.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>
tuntoja added a commit that referenced this pull request Oct 7, 2022
@tuntoja @chgautier
@kduret @emabassi-ext @vhsantos @hyahiaoui-ext @jeremyjaouen @sc979 @s-duret @a-launois @dmyios @TamazC @adr-mo @callapa @lpinsivy
Rebase dev 21.10.x on 21.10.x (#11950)
90340de 
* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* chore(release): merge release-21.10.next into 21.10.x (#11910)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

* Rebase dev2110x on 2110x (#11825)

* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* Fix: Remove obsolete code in ACL configuration listing (#11793)

* [Fix]: Sanitize and bind service by hostgroups listing (#11795)

* sanitize nad bind service by hostgroups listing

* fix exceeded linee

* Fix : Sanitize and bind centreon hostgroups class (#11800)

* Fix: Sanitize and bind CLAPI Centreon Hostgroup class (#11802)

* Fix: Sanitize and bind host category listing  (#11805)

* fix(conf/export) broker RRDcacheD export (#11811) (#11834)

* FIX: SQLi in poller's broker configuration 21.10.x (#11778)

* sanitize and bind pollers broker config queries

* applying suggested changes

* FIX: Sanitize and bind default configuration queries 21.10.x (#11787)

* FIX: Sanitize and bind Centreon Notification class 21.10.x (#11792)

* FIX: Sanitize and bind Centreon Notification class (#11757)

* Update www/class/centreonNotification.class.php

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

* FIX: Sanitize and bind LDAP CLAPI listing 21.10.x (#11797)

* sanitize and bind clapi LDAP listing

* removing unecessary code

* FIX: Sanitize and bind service listing 21.10.x (#11801)

* sanitizing and binding service listing queries

* removing var casting

* FIX: Sanitize and bind SNMP Traps groups configuration 21.10.x (#11807)

* Fix: Sanitize and bind Media import (#11788)

* Fix: Remove obsolete code in monitoring common functions  (#11844)

* Fix: Sanitize and bind SNMP Traps listing  (#11842)

* Fix: Remove obsolete code in Criticality class  (#11841)

* remove obsolete function getHostTplCriticality in criticality class

* Update www/class/centreonCriticality.class.php

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

* Fix: Sanitize and bind CALPI Centreon service class  (#11836)

* sanitize and bine clapi centreon service class

* Update www/class/centreon-clapi/centreonService.class.php

space added into query

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* FIX: Remove unused mechanism for modules to add restart/reload actions after restart of pollers 21.10.x (#11855)

* removing obsolet code

* removing more useless code

* FIX: Removing unused code and fixing bug of generating csv in multiple periods graphs 21.10.x (#11857)

* FIX: Sanitize and bind Knowledge Base host listing 21.10.x (#11859)

* Fix: Remove obsolete code in database partitioning functions (#11839)

* FIX: Sanitize and bind Centreon Service class 21.10.x (#11865)

* sanitize and bind service class queries and fix bug mediawiki links

* fixing links host templates mediawiki

* backport MON-14223 -> dev-21.10.x (#11863)

* FIX: SQLi in contact groups form 21.10.x (#11875)

* Fix: Remove obsolete code in legacy service detail page (#11848) (#11880)

* Remove obsolete code in legacy service detail page

* restore deleted code

* remove obsolete code in legacy service detail page and query sanitizeÃ

* Fix: Sanitize and bind menu topology listing (#11832) (#11883)

* sanitize and bind menu topology listing

* fix bug in query closing

* editing TopologyRepositoryTest file and change the query

* typo

* chore(release): update version to 21.10.11

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* chore(release): merge hotfix-mon-15318 in 21.10.x (#11948)

* update version to 21.10.12 in insertBaseConf

* fixed issue where notification number < 0 before update (#11935)

Co-authored-by: dmyios <diosypenko@centreon.com>

Refs: MON-15318

* add php update file for 21.10.12

Co-authored-by: Kevin Duret <kduret@centreon.com>

* Rebase dev2110x on 2110x (#11825)

* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* FIX: Removing unused code and fixing bug of generating csv in multiple periods graphs 21.10.x (#11857)

* fix(centreontrapd): check if conf file is not empty before to load it (#11708)

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

* fix(conf): fix disabling additive inheritance (#11813)

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

* fix(web): display command with status$ in the command definition (#11… (#11885)

* fix(web): display command with status$ in the command definition (#11286)

* fix(web): display command with status$ in the command definition

* Update src/Centreon/Domain/Monitoring/CommandLineTrait.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

* Update unit test

* Fix regex replacement in macros command

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Tamaz Cheishvili <tamazc@yahoo.com>

* Rebase dev2110x on 2110x (#11915)

* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service te…
tuntoja added a commit that referenced this pull request Oct 12, 2022
@tuntoja @chgautier
@kduret @emabassi-ext @vhsantos @hyahiaoui-ext @jeremyjaouen @sc979 @s-duret @a-launois @dmyios @TamazC @adr-mo @callapa
Rebase dev2110x on 2110x (#11825)
b717ea3 
* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>
tuntoja added a commit that referenced this pull request Oct 12, 2022
@TamazC @s-duret
@kduret @tuntoja @chgautier @emabassi-ext @vhsantos @hyahiaoui-ext @jeremyjaouen @sc979 @a-launois @dmyios @adr-mo @callapa
fix(web): display command with status$ in the command definition (#11… (
2ed6cbb 
#11885)

* fix(web): display command with status$ in the command definition (#11286)

* fix(web): display command with status$ in the command definition

* Update src/Centreon/Domain/Monitoring/CommandLineTrait.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

* Update unit test

* Fix regex replacement in macros command

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Tamaz Cheishvili <tamazc@yahoo.com>

* Rebase dev2110x on 2110x (#11915)

* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* chore(release): merge release-21.10.next into 21.10.x (#11910)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

* Rebase dev2110x on 2110x (#11825)

* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* Fix: Remove obsolete code in ACL configuration listing (#11793)

* [Fix]: Sanitize and bind service by hostgroups listing (#11795)

* sanitize nad bind service by hostgroups listing

* fix exceeded linee

* Fix : Sanitize and bind centreon hostgroups class (#11800)

* Fix: Sanitize and bind CLAPI Centreon Hostgroup class (#11802)

* Fix: Sanitize and bind host category listing  (#11805)

* fix(conf/export) broker RRDcacheD export (#11811) (#11834)

* FIX: SQLi in poller's broker configuration 21.10.x (#11778)

* sanitize and bind pollers broker config queries

* applying suggested changes

* FIX: Sanitize and bind default configuration queries 21.10.x (#11787)

* FIX: Sanitize and bind Centreon Notification class 21.10.x (#11792)

* FIX: Sanitize and bind Centreon Notification class (#11757)

* Update www/class/centreonNotification.class.php

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

* FIX: Sanitize and bind LDAP CLAPI listing 21.10.x (#11797)

* sanitize and bind clapi LDAP listing

* removing unecessary code

* FIX: Sanitize and bind service listing 21.10.x (#11801)

* sanitizing and binding service listing queries

* removing var casting

* FIX: Sanitize and bind SNMP Traps groups configuration 21.10.x (#11807)

* Fix: Sanitize and bind Media import (#11788)

* Fix: Remove obsolete code in monitoring common functions  (#11844)

* Fix: Sanitize and bind SNMP Traps listing  (#11842)

* Fix: Remove obsolete code in Criticality class  (#11841)

* remove obsolete function getHostTplCriticality in criticality class

* Update www/class/centreonCriticality.class.php

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

* Fix: Sanitize and bind CALPI Centreon service class  (#11836)

* sanitize and bine clapi centreon service class

* Update www/class/centreon-clapi/centreonService.class.php

space added into query

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* FIX: Remove unused mechanism for modules to add restart/reload actions after restart of pollers 21.10.x (#11855)

* removing obsolet code

* removing more useless code

* FIX: Removing unused code and fixing bug of generating csv in multiple periods graphs 21.10.x (#11857)

* FIX: Sanitize and bind Knowledge Base host listing 21.10.x (#11859)

* Fix: Remove obsolete code in database partitioning functions (#11839)

* FIX: Sanitize and bind Centreon Service class 21.10.x (#11865)

* sanitize and bind service class queries and fix bug mediawiki links

* fixing links host templates mediawiki

* backport MON-14223 -> dev-21.10.x (#11863)

* FIX: SQLi in contact groups form 21.10.x (#11875)

* Fix: Remove obsolete code in legacy service detail page (#11848) (#11880)

* Remove obsolete code in legacy service detail page

* restore deleted code

* remove obsolete code in legacy service detail page and query sanitizeÃ

* Fix: Sanitize and bind menu topology listing (#11832) (#11883)

* sanitize and bind menu topology listing

* fix bug in query closing

* editing TopologyRepositoryTest file and change the query

* typo

* chore(release): update version to 21.10.11

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* Rebase dev2110x on 2110x (#11825)

* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* FIX: Removing unused code and fixing bug of generating csv in multiple periods graphs 21.10.x (#11857)

Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* fix(web): display command with status$ in the command definition (#11286)

* fix(web): display command with status$ in the command definition

* Update src/Centreon/Domain/Monitoring/CommandLineTrait.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

* Update unit test

* Fix regex replacement in macros command

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Tamaz Cheishvili <tamazc@yahoo.com>

Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: tuntoja <58987095+tuntoja@users.noreply.github.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>
tuntoja added a commit that referenced this pull request Oct 13, 2022
@tuntoja @chgautier
@kduret @emabassi-ext @vhsantos @hyahiaoui-ext @jeremyjaouen @sc979 @s-duret @a-launois @dmyios @TamazC @adr-mo @callapa @lpinsivy
Rebase dev2110x on 2110x (#11987)
d3a5e43 
* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* chore(release): merge release-21.10.next into 21.10.x (#11910)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

* Rebase dev2110x on 2110x (#11825)

* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* Fix: Remove obsolete code in ACL configuration listing (#11793)

* [Fix]: Sanitize and bind service by hostgroups listing (#11795)

* sanitize nad bind service by hostgroups listing

* fix exceeded linee

* Fix : Sanitize and bind centreon hostgroups class (#11800)

* Fix: Sanitize and bind CLAPI Centreon Hostgroup class (#11802)

* Fix: Sanitize and bind host category listing  (#11805)

* fix(conf/export) broker RRDcacheD export (#11811) (#11834)

* FIX: SQLi in poller's broker configuration 21.10.x (#11778)

* sanitize and bind pollers broker config queries

* applying suggested changes

* FIX: Sanitize and bind default configuration queries 21.10.x (#11787)

* FIX: Sanitize and bind Centreon Notification class 21.10.x (#11792)

* FIX: Sanitize and bind Centreon Notification class (#11757)

* Update www/class/centreonNotification.class.php

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

* FIX: Sanitize and bind LDAP CLAPI listing 21.10.x (#11797)

* sanitize and bind clapi LDAP listing

* removing unecessary code

* FIX: Sanitize and bind service listing 21.10.x (#11801)

* sanitizing and binding service listing queries

* removing var casting

* FIX: Sanitize and bind SNMP Traps groups configuration 21.10.x (#11807)

* Fix: Sanitize and bind Media import (#11788)

* Fix: Remove obsolete code in monitoring common functions  (#11844)

* Fix: Sanitize and bind SNMP Traps listing  (#11842)

* Fix: Remove obsolete code in Criticality class  (#11841)

* remove obsolete function getHostTplCriticality in criticality class

* Update www/class/centreonCriticality.class.php

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

* Fix: Sanitize and bind CALPI Centreon service class  (#11836)

* sanitize and bine clapi centreon service class

* Update www/class/centreon-clapi/centreonService.class.php

space added into query

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* FIX: Remove unused mechanism for modules to add restart/reload actions after restart of pollers 21.10.x (#11855)

* removing obsolet code

* removing more useless code

* FIX: Removing unused code and fixing bug of generating csv in multiple periods graphs 21.10.x (#11857)

* FIX: Sanitize and bind Knowledge Base host listing 21.10.x (#11859)

* Fix: Remove obsolete code in database partitioning functions (#11839)

* FIX: Sanitize and bind Centreon Service class 21.10.x (#11865)

* sanitize and bind service class queries and fix bug mediawiki links

* fixing links host templates mediawiki

* backport MON-14223 -> dev-21.10.x (#11863)

* FIX: SQLi in contact groups form 21.10.x (#11875)

* Fix: Remove obsolete code in legacy service detail page (#11848) (#11880)

* Remove obsolete code in legacy service detail page

* restore deleted code

* remove obsolete code in legacy service detail page and query sanitizeÃ

* Fix: Sanitize and bind menu topology listing (#11832) (#11883)

* sanitize and bind menu topology listing

* fix bug in query closing

* editing TopologyRepositoryTest file and change the query

* typo

* chore(release): update version to 21.10.11

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* chore(release): merge hotfix-mon-15318 in 21.10.x (#11948)

* update version to 21.10.12 in insertBaseConf

* fixed issue where notification number < 0 before update (#11935)

Co-authored-by: dmyios <diosypenko@centreon.com>

Refs: MON-15318

* add php update file for 21.10.12

Co-authored-by: Kevin Duret <kduret@centreon.com>

* chore(release): merge hotfix-mon-15384 in 21.10.x (Centreon WEB 21.10.13) (#11981)

* enh(auth): autologin enhancement (#11957)

Refs: MON-15384

* update version to 21.10.13

Co-authored-by: Kevin Duret <kduret@centreon.com>

* fix(details): remove dead code (#11672) (#11685)

* Rebase dev2110x on 2110x (#11825)

* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sanitized in listServiceCategoriesà (#11597) (#11633)

* Sanitize and bind listVirtualMetrics queries (#11648)

* sanitize insrert queries in db-func (#11651)

MON-14667

* Sanitized and bound queries in service argumentsXml file  (#11654)

MON-14669

* sanitize and bind host categories query (#11644)

* Fix encoding issue on status serviceXML (#11582)

* sanitize and bind in centreon connector query (#11636)

* chore(git): update codeowners (#11593)

* fix(conf) fix parent template display in service template listing (#11671) (#11677)

* fix(poller): fix remote server duplication (#11552) (#11675)

Refs: MON-14579

* fix(clapi): Check that user is admin to use clapi (#11631) (#11639)

* Fix: Sanitize and bind service group dependecies queries 21.10.x (#11666)

* fix(widgets): retrieve possibility to not select poller in pref (#11696) (#11699)

Refs: MON-14919

* Fix: In Acces group the second select not working [ACL] 21.10.x (#11710)

* fix second select not working

* applying suggested changes

* fix(details): remove dead code (#11672) (#11685)

* fix(details): second part of code cleanup for "tools" (#11718) (#11722)

* FIX: Sanitize and bind graph configuration queries 21.10.x (#11730)

* Fix: Sanitize and bind CLAPI poller configuration 21.10.x (#11732)

* sanitize and bind CLAPI poller config

* remove unecessary comment

* revert deleted imports

* FIX: Sanitize and bind Meta Service configuration 21.10.x (#11734)

* sanitize and bind meta service config

* applying suggested changes

* [Fix]:Sanitize and bind queries in template of service listing (#11745)

* fix(resource): Fix bad SQL request (#11702) (#11750)

* FIX: Sanitize and bind command configuration queries 21.10.x (#11755)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

Co-authored-by: Charles Gautier <33026375+chgautier@users.noreply.github.com>
Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>
Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>
Co-authored-by: Adrien Morais-Mestre <31647811+adr-mo@users.noreply.github.com>
Co-authored-by: Laurent Calvet <lcalvet@centreon.com>

* FIX: Removing unused code and fixing bug of generating csv in multiple periods graphs 21.10.x (#11857)

* Fix: Remove obsolete code in legacy service detail page (#11848) (#11880)

* Remove obsolete code in legacy service detail page

* restore deleted code

* remove obsolete code in legacy service detail page and query sanitizeÃ

* fix(centreontrapd): check if conf file is not empty before to load it (#11708)

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

* fix(conf): fix disabling additive inheritance (#11813)

Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com>

* fix(web): display command with status$ in the command definition (#11… (#11885)

* fix(web): display command with status$ in the command definition (#11286)

* fix(web): display command with status$ in the command definition

* Update src/Centreon/Domain/Monitoring/CommandLineTrait.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

* Update unit test

* Fix regex replacement in macros command

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Tamaz Cheishvili <tamazc@yahoo.com>

* Rebase dev2110x on 2110x (#11915)

* chore(release): merge release 21.10.9 into 21.10.x (#11628)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* chore(release): merge release-21.10.next into 21.10.x (#11820)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(release): merge release 21.10.9 into 21.10.x (#11628) (#11629)

* fix(git): resync 21.10.x to dev-21.10.x (#11499)

* fix(test): wait 8s before checking downtime is active in rest api v1 test (#11498) (#11505)

Refs: MON-14585

* fix(UI): Include host_id when selecting ServiceGroups on dashreports (#11428) (#11520)

Co-authored-by: VHS <listas.vhs@gmail.com>

Co-authored-by: VHS <listas.vhs@gmail.com>

* [SNYK] Sanitize and bind centreonGraph class queries (#11409) (#11518)

1122

1153

1134

* [Snyk] Sanitize and bind ACL action access queries (#11385) (#11515)

* Sanitize and bind ACL action access queries

_ sanitize if possible each variables inserted in a query

_ use PDO prepared statement and bind() method

_ Do not use $pearDB->escape on which is for examples useless on integers and on non closed HTML tags (svg, img, etc)

* fix line length

* fix failed checks

* fix(cron): Escape database name in CentACL 21.10.x (#11509)

* fix(pendo): correctly set locale when language is detection by browser (#11484) (#11529)

* fix(test): fix random fails on virtual metric test (#11524)

Refs: MON-14359

* enh(platform): Use API to select metrics in virtual metrics configuration form 21.10.x (#11508)

Refs: MON-14359

* doc(ack): acknowledge Hakaï security (#11539)

* fix(web): fix the comment deletion for host monitored by poller (#11138) (#11557)

Refs: MON-12828

Co-authored-by: Stéphane Duret <sduret@centreon.com>

* SNYK: Sanitize and bind Broker listing queries (#11551)

* Sanitizing and binding broker listing queries

* applying suggested changes

* fix(conf) fix encoding in template service listing (#11558) (#11565)

* fix encoding

* remove useless function

* SNYK: Sanitize and bind generateImage queries (#11562)

* sanitize and bind generate image queries

* adding throw exception

* applying suggested changes

* Update www/include/views/graphs/generateGraphs/generateImage.php

Co-authored-by: Kevin Duret <kduret@centreon.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>

* SNYK: Sanitize and bind ACL actions queries (#11548)

* sanitizing and binding acl actions queries

* fix missing bind

* MON-14501 - sanitize query in centreonXmlbgRequest class  (#11571)

* sanitize query in centreonXmlbgRequest class

* add closeCursor func to resolve conv

* SNYK: Sanitize and bind Meta-Services dependency queries  (#11568)

* sanityze 2 insert queries

* spaces removed in a query

* chore(install): Update version to 21.10.9

* fix(sql): fix query to select contact during ldap import (#11579)

Refs: MON-14263

* (fix)MON-14742 Escape database name in CentACL (#11602)

* fixed issue of using special chars in db names

* fix escape database name

* fixed security issue on sql requests

* fix(platform) : Issue with cross databases query when the name contains some characters (#11279) (#11619)

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

Co-authored-by: Kevin Duret <kduret@centreon.com>
Co-authored-by: Elmahdi ABBASSI <108519266+emabassi-ext@users.noreply.github.com>
Co-authored-by: VHS <listas.vhs@gmail.com>
Co-authored-by: hyahiaoui-ext <97593234+hyahiaoui-ext@users.noreply.github.com>
Co-authored-by: jeremyjaouen <61694165+jeremyjaouen@users.noreply.github.com>
Co-authored-by: Stéphane Chapron <34628915+sc979@users.noreply.github.com>
Co-authored-by: Stéphane Duret <sduret@centreon.com>
Co-authored-by: alaunois <alaunois@centreon.com>
Co-authored-by: Dmytro Iosypenko <108675430+dmyios@users.noreply.github.com>

* query sani…
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@callapa callapa callapa approved these changes

@jeremyjaouen jeremyjaouen jeremyjaouen approved these changes

@dmyios dmyios dmyios approved these changes

@TamazC TamazC Awaiting requested review from TamazC

Assignees
No one assigned
Labels
area/backend
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@kduret @callapa @jeremyjaouen @dmyios