From cfe927118d68047316f116ead5f15e4f3141ef46 Mon Sep 17 00:00:00 2001
From: jekkos
Date: Tue, 28 Sep 2021 00:10:58 +0200
Subject: [PATCH] Blind sql injection fixes rework (#3284)

---
 application/controllers/Attributes.php | 2 +-
 application/controllers/Cashups.php | 2 +-
 application/controllers/Customers.php | 2 +-
 application/controllers/Employees.php | 2 +-
 application/controllers/Expenses.php | 2 +-
 application/controllers/Expenses_categories.php | 2 +-
 application/controllers/Giftcards.php | 2 +-
 application/controllers/Item_kits.php | 2 +-
 application/controllers/Items.php | 2 +-
 application/controllers/Sales.php | 2 +-
 application/controllers/Suppliers.php | 2 +-
 application/controllers/Tax_categories.php | 3 +--
 application/controllers/Tax_codes.php | 2 +-
 application/controllers/Tax_jurisdictions.php | 2 +-
 application/controllers/Taxes.php | 2 +-
 application/models/Attribute.php | 5 +++++
 application/models/Cashup.php | 6 ++++++
 application/models/Customer.php | 6 ++++++
 application/models/Employee.php | 6 ++++++
 application/models/Expense.php | 6 ++++++
 application/models/Expense_category.php | 6 ++++++
 application/models/Giftcard.php | 6 ++++++
 application/models/Item.php | 6 ++++++
 application/models/Item_kit.php | 6 ++++++
 application/models/Item_taxes.php | 6 ++++++
 application/models/Sale.php | 6 ++++++
 application/models/Supplier.php | 5 +++++
 application/models/Tax.php | 6 ++++++
 application/models/Tax_category.php | 6 ++++++
 application/models/Tax_code.php | 6 ++++++
 application/models/Tax_jurisdiction.php | 6 ++++++
 31 files changed, 109 insertions(+), 16 deletions(-)

diff --git a/application/controllers/Attributes.php b/application/controllers/Attributes.php
index 8a07a32f0..b561ac01c 100644
--- a/application/controllers/Attributes.php
+++ b/application/controllers/Attributes.php
@@ -24,7 +24,7 @@ public function search() $search = $this->input->get('search'); $limit = $this->input->get('limit'); $offset = $this->input->get('offset'); - $sort = $this->input->get('sort'); + $sort = $this->Attribute->sort_column($this->input->get('sort')); $order = $this->input->get('order'); $attributes = $this->Attribute->search($search, $limit, $offset, $sort, $order); diff --git a/application/controllers/Cashups.php b/application/controllers/Cashups.php index fe295bc97..366b1d99d 100644 --- a/application/controllers/Cashups.php +++ b/application/controllers/Cashups.php @@ -25,7 +25,7 @@ public function search() $search = $this->input->get('search'); $limit = $this->input->get('limit'); $offset = $this->input->get('offset'); - $sort = $this->input->get('sort'); + $sort = $this->Cashup->sort_column($this->input->get('sort')); $order = $this->input->get('order'); $filters = array( 'start_date' => $this->input->get('start_date'), diff --git a/application/controllers/Customers.php b/application/controllers/Customers.php index 5f446da76..beaede8bc 100644 --- a/application/controllers/Customers.php +++ b/application/controllers/Customers.php @@ -58,7 +58,7 @@ public function search() $search = $this->input->get('search'); $limit = $this->input->get('limit'); $offset = $this->input->get('offset'); - $sort = $this->input->get('sort'); + $sort = $this->Customer->sort_column($this->input->get('sort')); $order = $this->input->get('order'); $customers = $this->Customer->search($search, $limit, $offset, $sort, $order); diff --git a/application/controllers/Employees.php b/application/controllers/Employees.php index d101dc75c..d7960d944 100644 --- a/application/controllers/Employees.php +++ b/application/controllers/Employees.php 
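Review bot: `$order` on the line right after the changed one is still handed from `$this->input->get('order')` straight into `search()`, while only `sort` gained an allowlist; if the model splices the direction into ORDER BY the same way it does the column, that parameter needs the same treatment. Constrain it in the controller as well, e.g. `$order = ($this->input->get('order') === 'desc') ? 'desc' : 'asc';`, or have the model coerce it to one of the two keywords. The same applies to the `search()` hunk in every other controller in this patch (Cashups through Taxes). The body of `search()` continues outside the hunk, so whether `search()` itself validates `$order` cannot be seen here.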
@@ -17,7 +17,7 @@ public function search() $search = $this->input->get('search'); $limit = $this->input->get('limit'); $offset = $this->input->get('offset'); - $sort = $this->input->get('sort'); + $sort = $this->Employee->sort_column($this->input->get('sort')); $order = $this->input->get('order'); $employees = $this->Employee->search($search, $limit, $offset, $sort, $order); diff --git a/application/controllers/Expenses.php b/application/controllers/Expenses.php index f419bf622..c0d994ced 100644 --- a/application/controllers/Expenses.php +++ b/application/controllers/Expenses.php @@ -30,7 +30,7 @@ public function search() $search = $this->input->get('search'); $limit = $this->input->get('limit'); $offset = $this->input->get('offset'); - $sort = $this->input->get('sort'); + $sort = $this->Expense->sort_column($this->input->get('sort')); $order = $this->input->get('order'); $filters = array( 'start_date' => $this->input->get('start_date'), diff --git a/application/controllers/Expenses_categories.php b/application/controllers/Expenses_categories.php index e7af65260..949eb896a 100644 --- a/application/controllers/Expenses_categories.php +++ b/application/controllers/Expenses_categories.php @@ -24,7 +24,7 @@ public function search() $search = $this->input->get('search'); $limit = $this->input->get('limit'); $offset = $this->input->get('offset'); - $sort = $this->input->get('sort'); + $sort = $this->Expense_category->sort_column($this->input->get('sort')); $order = $this->input->get('order'); $expense_categories = $this->Expense_category->search($search, $limit, $offset, $sort, $order); diff --git a/application/controllers/Giftcards.php b/application/controllers/Giftcards.php index a988361b8..688457375 100644 --- a/application/controllers/Giftcards.php +++ b/application/controllers/Giftcards.php 
@@ -24,7 +24,7 @@ public function search() $search = $this->input->get('search'); $limit = $this->input->get('limit'); $offset = $this->input->get('offset'); - $sort = $this->input->get('sort'); + $sort = $this->Giftcard->sort_column($this->input->get('sort')); $order = $this->input->get('order'); $giftcards = $this->Giftcard->search($search, $limit, $offset, $sort, $order); diff --git a/application/controllers/Item_kits.php b/application/controllers/Item_kits.php index 3349a14f7..8b6851df7 100644 --- a/application/controllers/Item_kits.php +++ b/application/controllers/Item_kits.php @@ -59,7 +59,7 @@ public function search() $search = $this->input->get('search'); $limit = $this->input->get('limit'); $offset = $this->input->get('offset'); - $sort = $this->input->get('sort'); + $sort = $this->Item_kit->sort_column($this->input->get('sort')); $order = $this->input->get('order'); $item_kits = $this->Item_kit->search($search, $limit, $offset, $sort, $order); diff --git a/application/controllers/Items.php b/application/controllers/Items.php index c95530686..51135edd4 100644 --- a/application/controllers/Items.php +++ b/application/controllers/Items.php @@ -40,7 +40,7 @@ public function search() $search = $this->input->get('search'); $limit = $this->input->get('limit'); $offset = $this->input->get('offset'); - $sort = $this->input->get('sort'); + $sort = $this->Item->sort_column($this->input->get('sort')); $order = $this->input->get('order'); $this->item_lib->set_item_location($this->input->get('stock_location')); diff --git a/application/controllers/Sales.php b/application/controllers/Sales.php index 2bdf80a90..efd4aab83 100644 --- a/application/controllers/Sales.php +++ b/application/controllers/Sales.php 
@@ -56,7 +56,7 @@ public function search() $search = $this->input->get('search'); $limit = $this->input->get('limit'); $offset = $this->input->get('offset'); - $sort = $this->input->get('sort'); + $sort = $this->Sale->sort_column($this->input->get('sort')); $order = $this->input->get('order'); $filters = array('sale_type' => 'all', diff --git a/application/controllers/Suppliers.php b/application/controllers/Suppliers.php index 36b6f58ee..03c0fe7c7 100644 --- a/application/controllers/Suppliers.php +++ b/application/controllers/Suppliers.php @@ -35,7 +35,7 @@ public function search() $search = $this->input->get('search'); $limit = $this->input->get('limit'); $offset = $this->input->get('offset'); - $sort = $this->input->get('sort'); + $sort = $this->Supplier->sort_column($this->input->get('sort')); $order = $this->input->get('order'); $suppliers = $this->Supplier->search($search, $limit, $offset, $sort, $order); diff --git a/application/controllers/Tax_categories.php b/application/controllers/Tax_categories.php index 952b166df..ada2529a3 100644 --- a/application/controllers/Tax_categories.php +++ b/application/controllers/Tax_categories.php @@ -9,7 +9,6 @@ public function __construct() parent::__construct('tax_categories'); } - public function index() { $data['tax_categories_table_headers'] = $this->xss_clean(get_tax_categories_table_headers()); @@ -25,7 +24,7 @@ public function search() $search = $this->input->get('search'); $limit = $this->input->get('limit'); $offset = $this->input->get('offset'); - $sort = $this->input->get('sort'); + $sort = $this->Tax_category->sort_column($this->input->get('sort')); $order = $this->input->get('order'); $tax_categories = $this->Tax_category->search($search, $limit, $offset, $sort, $order); diff --git a/application/controllers/Tax_codes.php b/application/controllers/Tax_codes.php index af21db696..1cbc2486e 100644 --- a/application/controllers/Tax_codes.php +++ b/application/controllers/Tax_codes.php 
@@ -29,7 +29,7 @@ public function search() $search = $this->input->get('search'); $limit = $this->input->get('limit'); $offset = $this->input->get('offset'); - $sort = $this->input->get('sort'); + $sort = $this->Tax_code->sort_column($this->input->get('sort')); $order = $this->input->get('order'); $tax_codes = $this->Tax_code->search($search, $limit, $offset, $sort, $order); diff --git a/application/controllers/Tax_jurisdictions.php b/application/controllers/Tax_jurisdictions.php index 7059f7bcf..1044d070a 100644 --- a/application/controllers/Tax_jurisdictions.php +++ b/application/controllers/Tax_jurisdictions.php @@ -25,7 +25,7 @@ public function search() $search = $this->input->get('search'); $limit = $this->input->get('limit'); $offset = $this->input->get('offset'); - $sort = $this->input->get('sort'); + $sort = $this->Tax_jurisdiction->sort_column($this->input->get('sort')); $order = $this->input->get('order'); $tax_jurisdictions = $this->Tax_jurisdiction->search($search, $limit, $offset, $sort, $order); diff --git a/application/controllers/Taxes.php b/application/controllers/Taxes.php index c4adc08d8..c1115ce82 100644 --- a/application/controllers/Taxes.php +++ b/application/controllers/Taxes.php @@ -57,7 +57,7 @@ public function search() $search = $this->input->get('search'); $limit = $this->input->get('limit'); $offset = $this->input->get('offset'); - $sort = $this->input->get('sort'); + $sort = $this->Tax->sort_column($this->input->get('sort')); $order = $this->input->get('order'); $tax_rates = $this->Tax->search($search, $limit, $offset, $sort, $order); diff --git a/application/models/Attribute.php b/application/models/Attribute.php index 504251504..83e1289ae 100644 --- a/application/models/Attribute.php +++ b/application/models/Attribute.php 
@@ -16,6 +16,11 @@ public static function get_definition_flags() return array_flip($class->getConstants()); } + public function sort_column($field) + { + return array_key_exists($field, $this->db->list_fields('attribute_definitions')) ? $field : 'definition_id'; + } + /* Determines if a given definition_id is an attribute */ diff --git a/application/models/Cashup.php b/application/models/Cashup.php index de03509b9..02f839d38 100644 --- a/application/models/Cashup.php +++ b/application/models/Cashup.php @@ -6,6 +6,12 @@ class Cashup extends CI_Model { + + public function sort_column($field) + { + return array_key_exists($field, $this->db->list_fields('cash_up')) ? $field : 'cashup_id'; + } + /* Determines if a given Cashup_id is an Cashup */ diff --git a/application/models/Customer.php b/application/models/Customer.php index d5b812718..3fc0d2988 100644 --- a/application/models/Customer.php +++ b/application/models/Customer.php @@ -6,6 +6,12 @@ class Customer extends Person { + + public function sort_column($field) + { + return array_key_exists($field, $this->db->list_fields('customers')) ? $field : 'people.person_id'; + } + /* Determines if a given person_id is a customer */ diff --git a/application/models/Employee.php b/application/models/Employee.php index 160f01709..19ec7902b 100644 --- a/application/models/Employee.php +++ b/application/models/Employee.php @@ -6,6 +6,12 @@ class Employee extends Person { + + public function sort_column($field) + { + return array_key_exists($field, $this->db->list_fields('employees')) ? $field : 'people.person_id'; + } + /* Determines if a given person_id is an employee */ diff --git a/application/models/Expense.php b/application/models/Expense.php index 035e256c5..c897297d3 100644 --- a/application/models/Expense.php +++ b/application/models/Expense.php 
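Review bot: The allowlist test in the new `sort_column()` checks the wrong thing: CodeIgniter's `$this->db->list_fields()` returns a plain list of column names (keys 0..n-1), so `array_key_exists($field, ...)` asks whether `$field` is one of those numeric indexes rather than whether it names a column, and every legitimate column name falls through to `'definition_id'` while only numeric strings such as `'0'` are let through. Replace it with `in_array($field, $this->db->list_fields('attribute_definitions'), TRUE)`, keeping the strict flag so type juggling cannot widen the match. The same `array_key_exists` pattern is repeated in every other `sort_column()` this patch adds (Cashup through Tax_jurisdiction) and needs the same change in each. The method also has no comment or type declarations; a one-line header such as `/* Returns $field when it names a column of attribute_definitions, otherwise the default sort column definition_id */` would state the contract.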
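Review bot: In `Customer::sort_column()` the fallback is `people.person_id`, which suggests the search query joins `people`, yet the allowlist is drawn only from `list_fields('customers')`; once the membership test works, any sort keyed on a `people` column would be rejected and the grid could only sort on customer-table columns. If the join is there, build the allowlist from both tables, e.g. `array_merge($this->db->list_fields('customers'), $this->db->list_fields('people'))`, or keep an explicit constant list of the columns the table headers actually expose. `Employee::sort_column()` and `Supplier::sort_column()` in this patch have the same shape and deserve the same check.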
@@ -6,6 +6,12 @@ class Expense extends CI_Model { + + public function sort_column($field) + { + return array_key_exists($field, $this->db->list_fields('expenses')) ? $field : 'expense_id'; + } + /* Determines if a given Expense_id is an Expense */ diff --git a/application/models/Expense_category.php b/application/models/Expense_category.php index 2aaa76853..23e9001ed 100644 --- a/application/models/Expense_category.php +++ b/application/models/Expense_category.php @@ -6,6 +6,12 @@ class Expense_category extends CI_Model { + + public function sort_column($field) + { + return array_key_exists($field, $this->db->list_fields('expense_categories')) ? $field : 'expense_category_id'; + } + /* Determines if a given Expense_id is an Expense category */ diff --git a/application/models/Giftcard.php b/application/models/Giftcard.php index 281ed5219..a554d9466 100644 --- a/application/models/Giftcard.php +++ b/application/models/Giftcard.php @@ -6,6 +6,12 @@ class Giftcard extends CI_Model { + + public function sort_column($field) + { + return array_key_exists($field, $this->db->list_fields('giftcards')) ? $field : 'giftcard_id'; + } + /* Determines if a given giftcard_id is a giftcard */ diff --git a/application/models/Item.php b/application/models/Item.php index dfd586fb9..205bbab00 100644 --- a/application/models/Item.php +++ b/application/models/Item.php @@ -5,6 +5,12 @@ class Item extends CI_Model { + + public function sort_column($field) + { + return array_key_exists($field, $this->db->list_fields('items')) ? $field : 'item_id'; + } + /* Determines if a given item_id is an item */ diff --git a/application/models/Item_kit.php b/application/models/Item_kit.php index 41bfdcabd..2e3b8d698 100644 --- a/application/models/Item_kit.php +++ b/application/models/Item_kit.php 
@@ -6,6 +6,12 @@ class Item_kit extends CI_Model { + + public function sort_column($field) + { + return array_key_exists($field, $this->db->list_fields('item_kits')) ? $field : 'item_kit_id'; + } + /* Determines if a given item_id is an item kit */ diff --git a/application/models/Item_taxes.php b/application/models/Item_taxes.php index 49e6598f3..cd6061cf2 100644 --- a/application/models/Item_taxes.php +++ b/application/models/Item_taxes.php @@ -6,6 +6,12 @@ class Item_taxes extends CI_Model { + + public function sort_column($field) + { + return array_key_exists($field, $this->db->list_fields('items_taxes')) ? $field : 'item_id'; + } + /* Gets tax info for a particular item */ diff --git a/application/models/Sale.php b/application/models/Sale.php index 02ffb5aa3..348248279 100644 --- a/application/models/Sale.php +++ b/application/models/Sale.php @@ -4,6 +4,12 @@ */ class Sale extends CI_Model { + + public function sort_column($field) + { + return array_key_exists($field, $this->db->list_fields('sales')) ? $field : 'sale_id'; + } + /** * Get sale info */ diff --git a/application/models/Supplier.php b/application/models/Supplier.php index 05ef4d458..503bcf2d0 100644 --- a/application/models/Supplier.php +++ b/application/models/Supplier.php @@ -9,6 +9,11 @@ class Supplier extends Person const GOODS_SUPPLIER = 0; const COST_SUPPLIER = 1; + public function sort_column($field) + { + return array_key_exists($field, $this->db->list_fields('suppliers')) ? $field : 'people.person_id'; + } + /* Determines if a given person_id is a customer */ diff --git a/application/models/Tax.php b/application/models/Tax.php index 92391aa8a..a8c431818 100644 --- a/application/models/Tax.php +++ b/application/models/Tax.php @@ -6,6 +6,12 @@ class Tax extends CI_Model { + + public function sort_column($field) + { + return array_key_exists($field, $this->db->list_fields('tax_codes')) ? $field : 'tax_code_id'; + } + /** * Determines if a given row is on file */ 
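Review bot: `Tax::sort_column()` validates against `list_fields('tax_codes')` and falls back to `tax_code_id`, which is identical to the allowlist `Tax_code::sort_column()` uses, while the Taxes controller stores the result of `$this->Tax->search()` in `$tax_rates`; this looks like a copy-paste of the wrong table, in which case every sort on the tax-rates grid would be rejected and fall back to a column that may not exist in that query. Confirm which table `Tax::search()` actually orders on and point both `list_fields()` and the default at it. The enclosing class body continues outside the hunk, so the query itself is not visible here.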
diff --git a/application/models/Tax_category.php b/application/models/Tax_category.php index f2ad826ed..1b367b59d 100644 --- a/application/models/Tax_category.php +++ b/application/models/Tax_category.php @@ -6,6 +6,12 @@ class Tax_category extends CI_Model { + + public function sort_column($field) + { + return array_key_exists($field, $this->db->list_fields('tax_categories')) ? $field : 'tax_category_id'; + } + /** * Determines if it exists in the table */ diff --git a/application/models/Tax_code.php b/application/models/Tax_code.php index 16b09b025..45996f202 100644 --- a/application/models/Tax_code.php +++ b/application/models/Tax_code.php @@ -6,6 +6,12 @@ class Tax_code extends CI_Model { + + public function sort_column($field) + { + return array_key_exists($field, $this->db->list_fields('tax_codes')) ? $field : 'tax_code_id'; + } + /** * Determines if it exists in the table */ diff --git a/application/models/Tax_jurisdiction.php b/application/models/Tax_jurisdiction.php index af5bde8a2..3ed286dfd 100644 --- a/application/models/Tax_jurisdiction.php +++ b/application/models/Tax_jurisdiction.php @@ -6,6 +6,12 @@ class Tax_jurisdiction extends CI_Model { + + public function sort_column($field) + { + return array_key_exists($field, $this->db->list_fields('tax_jurisdictions')) ? $field : 'jurisdiction_id'; + } + /** * Determines if it exists in the table */