Skip to content
Permalink
Browse files
Security Bugs Fixed
  • Loading branch information
imran300 committed Sep 4, 2021
1 parent 400005e commit 9809cc710ac58ab556b5aa2ddfb44930c5d5f290
Showing with 310 additions and 147 deletions.
  1. +85 −1 application/config/database.php
  2. +44 −6 application/controllers/Generals.php
  3. +37 −2 application/controllers/Users.php
  4. +1 −0 application/models/General.php
  5. +143 −138 application/views/_template/main.php
@@ -1 +1,85 @@
<?phpdefined('BASEPATH') OR exit('No direct script access allowed');/*| -------------------------------------------------------------------| DATABASE CONNECTIVITY SETTINGS| -------------------------------------------------------------------| This file will contain the settings needed to access your database.|| For complete instructions please consult the 'Database Connection'| page of the User Guide.|| -------------------------------------------------------------------| EXPLANATION OF VARIABLES| -------------------------------------------------------------------|| ['dsn'] The full DSN string describe a connection to the database.| ['hostname'] The hostname of your database server.| ['username'] The username used to connect to the database| ['password'] The password used to connect to the database| ['database'] The name of the database you want to connect to| ['dbdriver'] The database driver. e.g.: mysqli.| Currently supported:| cubrid, ibase, mssql, mysql, mysqli, oci8,| odbc, pdo, postgre, sqlite, sqlite3, sqlsrv| ['dbprefix'] You can add an optional prefix, which will be added| to the table name when using the Query Builder class| ['pconnect'] TRUE/FALSE - Whether to use a persistent connection| ['db_debug'] TRUE/FALSE - Whether database errors should be displayed.| ['cache_on'] TRUE/FALSE - Enables/disables query caching| ['cachedir'] The path to the folder where cache files should be stored| ['char_set'] The character set used in communicating with the database| ['dbcollat'] The character collation used in communicating with the database| NOTE: For MySQL and MySQLi databases, this setting is only used| as a backup if your server is running PHP < 5.2.3 or MySQL < 5.0.7| (and in table creation queries made with DB Forge).| There is an incompatibility in PHP with mysql_real_escape_string() which| can make your site vulnerable to SQL injection if you are using a| multi-byte character set and are running versions lower than these.| Sites using Latin-1 or UTF-8 database character set and collation are unaffected.| ['swap_pre'] A default table prefix that should be swapped with the dbprefix| ['encrypt'] Whether or not to use an encrypted connection.| ['compress'] Whether or not to use client compression (MySQL only)| ['stricton'] TRUE/FALSE - forces 'Strict Mode' connections| - good for ensuring strict SQL while developing| ['failover'] array - A array with 0 or more data for connections if the main should fail.| ['save_queries'] TRUE/FALSE - Whether to "save" all executed queries.| NOTE: Disabling this will also effectively disable both| $this->db->last_query() and profiling of DB queries.| When you run a query, with this setting set to TRUE (default),| CodeIgniter will store the SQL statement for debugging purposes.| However, this may cause high memory usage, especially if you run| a lot of SQL queries ... disable this to avoid that problem.|| The $active_group variable lets you choose which connection group to| make active. By default there is only one group (the 'default' group).|| The $query_builder variables lets you determine whether or not to load| the query builder class.*/$active_group = 'default';$query_builder = TRUE;$db['default'] = array( 'dsn' => '', 'hostname' => 'localhost', 'username' => 'root', 'password' => '', 'database' => 'inventory', 'dbdriver' => 'mysqli', 'dbprefix' => '', 'pconnect' => FALSE, 'db_debug' => FALSE, 'cache_on' => FALSE, 'cachedir' => '', 'char_set' => 'utf8', 'dbcollat' => 'utf8_general_ci', 'swap_pre' => '', 'encrypt' => FALSE, 'compress' => FALSE, 'stricton' => FALSE, 'failover' => array(), 'save_queries' => TRUE);
<?php
defined('BASEPATH') or exit('No direct script access allowed');

/*
| -------------------------------------------------------------------
| DATABASE CONNECTIVITY SETTINGS
| -------------------------------------------------------------------
| This file will contain the settings needed to access your database.
|
| For complete instructions please consult the 'Database Connection'
| page of the User Guide.
|
| -------------------------------------------------------------------
| EXPLANATION OF VARIABLES
| -------------------------------------------------------------------
|
| ['dsn'] The full DSN string describe a connection to the database.
| ['hostname'] The hostname of your database server.
| ['username'] The username used to connect to the database
| ['password'] The password used to connect to the database
| ['database'] The name of the database you want to connect to
| ['dbdriver'] The database driver. e.g.: mysqli.
| Currently supported:
| cubrid, ibase, mssql, mysql, mysqli, oci8,
| odbc, pdo, postgre, sqlite, sqlite3, sqlsrv
| ['dbprefix'] You can add an optional prefix, which will be added
| to the table name when using the Query Builder class
| ['pconnect'] TRUE/FALSE - Whether to use a persistent connection
| ['db_debug'] TRUE/FALSE - Whether database errors should be displayed.
| ['cache_on'] TRUE/FALSE - Enables/disables query caching
| ['cachedir'] The path to the folder where cache files should be stored
| ['char_set'] The character set used in communicating with the database
| ['dbcollat'] The character collation used in communicating with the database
| NOTE: For MySQL and MySQLi databases, this setting is only used
| as a backup if your server is running PHP < 5.2.3 or MySQL < 5.0.7
| (and in table creation queries made with DB Forge).
| There is an incompatibility in PHP with mysql_real_escape_string() which
| can make your site vulnerable to SQL injection if you are using a
| multi-byte character set and are running versions lower than these.
| Sites using Latin-1 or UTF-8 database character set and collation are unaffected.
| ['swap_pre'] A default table prefix that should be swapped with the dbprefix
| ['encrypt'] Whether or not to use an encrypted connection.
| ['compress'] Whether or not to use client compression (MySQL only)
| ['stricton'] TRUE/FALSE - forces 'Strict Mode' connections
| - good for ensuring strict SQL while developing
| ['failover'] array - A array with 0 or more data for connections if the main should fail.
| ['save_queries'] TRUE/FALSE - Whether to "save" all executed queries.
| NOTE: Disabling this will also effectively disable both
| $this->db->last_query() and profiling of DB queries.
| When you run a query, with this setting set to TRUE (default),
| CodeIgniter will store the SQL statement for debugging purposes.
| However, this may cause high memory usage, especially if you run
| a lot of SQL queries ... disable this to avoid that problem.
|
| The $active_group variable lets you choose which connection group to
| make active. By default there is only one group (the 'default' group).
|
| The $query_builder variables lets you determine whether or not to load
| the query builder class.
*/

$active_group = 'default';
$query_builder = TRUE;

$db['default'] = array(
'dsn' => '',
'hostname' => 'localhost',
'username' => 'root',
'password' => 'root',
'database' => 'inventory',
'dbdriver' => 'mysqli',
'dbprefix' => '',
'pconnect' => FALSE,
'db_debug' => FALSE,
'cache_on' => FALSE,
'cachedir' => '',
'char_set' => 'utf8',
'dbcollat' => 'utf8_general_ci',
'swap_pre' => '',
'encrypt' => FALSE,
'compress' => FALSE,
'stricton' => FALSE,
'failover' => array(),
'save_queries' => TRUE
);
@@ -81,6 +81,10 @@ public function create_breadcrums()
//Add Group....
public function add_group()
{
$group_id = $this->session->userdata("group_id");
if ($group_id != 1) {
$Page = $this->General->check_url_permission_single();
}

$this->header();
$data['group_list'] = $this->General->fetch_records("usr_group");
@@ -92,6 +96,10 @@ public function add_group()
public function create_group()
{

$group_id = $this->session->userdata("group_id");
if ($group_id != 1) {
$Page = $this->General->check_url_permission_single();
}
$group_name = $this->input->post('group_name');

$record = $this->General->fetch_maxid("usr_group");
@@ -116,6 +124,10 @@ public function create_group()
//Edit Group....
public function edit_group($id)
{
$group_id = $this->session->userdata("group_id");
if ($group_id != 1) {
$Page = $this->General->check_url_permission_single();
}
$group['groups'] = $this->General->fetch_groupbyid($id);
$this->header();
$this->load->view('generals/edit_group', $group);
@@ -125,6 +137,10 @@ public function edit_group($id)
//Update Group......
public function update_group()
{
$group_id = $this->session->userdata("group_id");
if ($group_id != 1) {
$Page = $this->General->check_url_permission_single();
}
$group_name = $this->input->post('group_name');
$group_id = $this->input->post('group_id');
$this->General->update_group($group_name, $group_id);
@@ -136,7 +152,10 @@ public function update_group()
public function addmenu()
{


$group_id = $this->session->userdata("group_id");
if ($group_id != 1) {
$Page = $this->General->check_url_permission_single();
}
$this->header();

$col = "PARENT_ID";
@@ -176,7 +195,10 @@ public function addmenu()
//Create menu....
public function create_menu()
{

$group_id = $this->session->userdata("group_id");
if ($group_id != 1) {
$Page = $this->General->check_url_permission_single();
}
$menu = $this->input->post('MENU_TEXT');
$url = $this->input->post('MENU_URL');
$parent = $this->input->post('PARENT_ID');
@@ -209,7 +231,10 @@ public function create_menu()
//Fetch All menus.........
public function list_menu()
{

$group_id = $this->session->userdata("group_id");
if ($group_id != 1) {
$Page = $this->General->check_url_permission_single();
}
$menu['menus'] = $this->General->fetch_records("usr_menu");

$this->header();
@@ -220,6 +245,10 @@ public function list_menu()
//Edit Menu....
public function edit_menu($id)
{
$group_id = $this->session->userdata("group_id");
if ($group_id != 1) {
$Page = $this->General->check_url_permission_single();
}

$menu['menus'] = $this->General->fetch_menubyid($id);
$this->header();
@@ -230,7 +259,10 @@ public function edit_menu($id)
//Update Menu....
public function update_menu()
{

$group_id = $this->session->userdata("group_id");
if ($group_id != 1) {
$Page = $this->General->check_url_permission_single();
}

extract($_POST);
$this->General->update_menu();
@@ -242,7 +274,10 @@ public function update_menu()
//Add permission.....
public function add_permission($id)
{

$group_id = $this->session->userdata("group_id");
if ($group_id != 1) {
$Page = $this->General->check_url_permission_single();
}
$data['parentnav'] = $this->Menus->fetch_parent_menu();
$data['Generals'] = $this;
$data['group_id'] = $id;
@@ -254,7 +289,10 @@ public function add_permission($id)
// Creating Permissions for a specific group
public function create_permission()
{

$group_id = $this->session->userdata("group_id");
if ($group_id != 1) {
$Page = $this->General->check_url_permission_single();
}
extract($_POST);
$group_id = $this->input->post('group_id');

@@ -96,7 +96,10 @@ public function loginauthen()
//Load View Form For User Creation.........
public function add_user()
{

$group_id = $this->session->userdata("group_id");
if ($group_id != 1) {
$Page = $this->General->check_url_permission_single();
}
//Get employee list for drop down menu..................................
$data['employeelist'] = $this->General->fetch_records("employee_profile");
$data['grouplist'] = $this->General->fetch_records("usr_group");
@@ -115,7 +118,10 @@ public function add_user()
//Get values and Create User................
public function create_user()
{

$group_id = $this->session->userdata("group_id");
if ($group_id != 1) {
$Page = $this->General->check_url_permission_single();
}
$record = $this->General->fetch_maxid("usr_user");
foreach ($record as $record) {
$MaxGroup = $record->USER_ID;
@@ -146,6 +152,10 @@ public function create_user()
// List all users
public function list_users()
{
$group_id = $this->session->userdata("group_id");
if ($group_id != 1) {
$Page = $this->General->check_url_permission_single();
}
$this->header($title = 'Users List');
$this->load->view();
$this->footer();
@@ -154,6 +164,10 @@ public function list_users()
// Delete specific user
public function delete_users($id)
{
$group_id = $this->session->userdata("group_id");
if ($group_id != 1) {
$Page = $this->General->check_url_permission_single();
}
$this->db->where('USER_ID', $id);
$this->db->delete('usr_user');

@@ -164,6 +178,10 @@ public function delete_users($id)
//status of user (Active)
public function activeStatus()
{
$group_id = $this->session->userdata("group_id");
if ($group_id != 1) {
$Page = $this->General->check_url_permission_single();
}
$id = $this->uri->segment(3);
$update = array(
'IS_ACTIVE' => '1'
@@ -177,10 +195,19 @@ public function activeStatus()
redirect(base_url() . "index.php/Users/add_user");
}

function _check_token($token)
{
return ($token === $_COOKIE[$this->csrf_cookie_name]);
}

//status of user (In-active)
public function deactiveStatus()
{

$group_id = $this->session->userdata("group_id");
if ($group_id != 1) {
$Page = $this->General->check_url_permission_single();
}
$id = $this->uri->segment(3);
$update = array(
'IS_ACTIVE' => '0'
@@ -197,12 +224,20 @@ public function deactiveStatus()
// Registering a new User Form
public function register()
{
$group_id = $this->session->userdata("group_id");
if ($group_id != 1) {
$Page = $this->General->check_url_permission_single();
}
$this->load->view('users/register');
}

// Registering User Insert
public function registration()
{
$group_id = $this->session->userdata("group_id");
if ($group_id != 1) {
$Page = $this->General->check_url_permission_single();
}
extract($_POST);
$full_name = $this->input->post('full_name');
$user_name = $this->input->post('user_name');
@@ -465,6 +465,7 @@ function check_url_permission_single()
if ($query > 0) {
return $query;
} else {
$this->session->set_flashdata('error', 'You dont have permission');
redirect(base_url());
}
}

0 comments on commit 9809cc7

Please sign in to comment.