Fix sql injection && Permitir la ejecución de sentencias sql compleja…
…s predefinidas en controladores REST vía Zend_Db_Expr
mmadariaga committed Oct 15, 2015
1 parent f7b292f commit b25262d
Showing 1 changed file with 56 additions and 18 deletions.
74 changes: 56 additions & 18 deletions Controller/Rest/BaseController.php
Expand Up @@ -379,22 +379,24 @@ protected function _prepareWhere($search)
}

$search = json_decode($search);
return implode(" AND ", $this->_parseWhere($search));
}

protected function _parseWhere($search)
{
$itemsSearch = array();
foreach ($search as $key => $val) {

if (is_scalar($val)) {
if ($val instanceof \Zend_Db_Expr) {
$itemsSearch[] = $val->__toString();
} else if (is_scalar($val)) {
$itemsSearch[] = $this->_prepareScalarCondition($key, $val);
} else if (is_object($val)){
$itemsSearch[] = $this->_prepareAdvancedCondition($key, $val);
}
}

if (empty($itemsSearch)) {
return '';
}
return implode(" AND ", $itemsSearch);
}
return $itemsSearch;
}

protected function _prepareScalarCondition($key, $val) {

Expand All @@ -412,32 +414,68 @@ protected function _prepareAdvancedCondition($key, $val) {
$dbAdapter = Zend_Db_Table::getDefaultAdapter();
switch (strtolower(key($val))) {

case 'notEqual':
$key = $dbAdapter->quoteIdentifier($key) . " != ?";
return $dbAdapter->quoteInto($key, current($val));
break;

case 'isnull':
return $dbAdapter->quoteIdentifier($key) . " is null";
break;

case 'isnotnull':
return $dbAdapter->quoteIdentifier($key) . " is null";
break;

case 'gt':
$key = $dbAdapter->quoteIdentifier($key) . " > ?";
return $dbAdapter->quoteInto($key, current($val));
break;

case 'gte':
$key = $dbAdapter->quoteIdentifier($key) . " >= ?";
return $dbAdapter->quoteInto($key, current($val));
break;

case 'lt':
$key = $dbAdapter->quoteIdentifier($key) . " < ?";
return $dbAdapter->quoteInto($key, current($val));
break;

case 'lte':
$key = $dbAdapter->quoteIdentifier($key) . " <= ?";
return $dbAdapter->quoteInto($key, current($val));
break;

case 'between':
$values = $this->_cleanArray($val);
$values = $this->_cleanArray(current($val));
return $dbAdapter->quoteIdentifier($key) . ' between '. $values[0] . ' AND ' . $values[1];

case 'notin':

$values = $this->_cleanArray($val);
$values = $this->_cleanArray(current($val));
return $dbAdapter->quoteIdentifier($key) . ' not in ('. implode(",", $values) . ') ';

case 'in':

$values = $this->_cleanArray($val);
$values = $this->_cleanArray(current($val));
return $dbAdapter->quoteIdentifier($key) . ' in ('. implode(",", $values) . ') ';

case 'like':

$key = $dbAdapter->quoteIdentifier($key) . " like '%?%'";
return $dbAdapter->quoteInto($key, $val);
$key = $dbAdapter->quoteIdentifier($key) . " like ?";
return $dbAdapter->quoteInto($key, current($val));

case 'notlike':
$key = $dbAdapter->quoteIdentifier($key) . " not like ?";
return $dbAdapter->quoteInto($key, current($val));
break;

$key = $dbAdapter->quoteIdentifier($key) . " not like '%?%'";
return $dbAdapter->quoteInto($key, $val);
case 'or':
$conditions = array();
foreach ($val as $subKey => $subVal) {
$conditions += $this->_parseWhere($subVal);
}
return '('. implode(' OR ', $conditions) .')';
break;
}

return '';
}
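Review bot: In the new `or` branch, `$conditions += $this->_parseWhere($subVal);` is an array union keyed by index, and since `_parseWhere` now returns a zero-indexed list, any second iteration over `$val` would silently drop every condition whose index collides with one already collected; it should read `$conditions = array_merge($conditions, $this->_parseWhere($subVal));` (it only works today because `$val` normally carries the single `or` key). The `\Zend_Db_Expr` branch added to `_parseWhere` in the first hunk emits `$val->__toString()` unquoted, which is safe only because the `json_decode()` in `_prepareWhere` can never produce that class, so I would pin that invariant with a comment above the check, `// Raw SQL passthrough: reachable only for conditions built server-side, never from the decoded JSON search.`. Whether `between`, `in` and `notin` are actually covered by the injection fix depends on `_cleanArray`, which is outside the hunk: unless it quotes each element through `$dbAdapter->quote()`, those branches still concatenate request values straight into SQL, while the `like`/`notlike` branches now go through `quoteInto` correctly. Separately, `case 'notEqual':` can never match the `strtolower()`ed key and `isnotnull` returns `" is null"`; both predate this commit but sit in the reviewed hunk and would be cheap to fix alongside it.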

