Commit
SQL injection fix: Coerce offset and limit values to integers (#1054)
* Use HTTPS repository URL for PEAR

  Fixes this installation error:

  PEAR repository from http://pear.php.net could not be loaded. Your configuration does not allow connections to http://pear.php.net/channel.xml. See https://getcomposer.org/doc/06-config.md#secure-http for details.

* Fix fatal error in some versions of PHP

  `$buildScopeVars` is initialized as a string but later appended to as an array via `$buildScopeVars[] = …`. This throws a fatal error in some versions of PHP. The fix was to re-initialize it to an array before appending values.

* Include PHPUnit in dev dependencies

  This avoids having to download it separately, especially since the tests only work with PHPUnit < 6

* Cast limit to integer when setting via Criteria::setLimit()

  This prevents SQL injection via limit() and is a similar fix as the one added to Propel2 [1]. See that pull request for details.

  [1] propelorm/Propel2#1465

* Coerce offset and limit values to integers for MySQL LIMIT clause

  When constructing a MySQL LIMIT clause, values for the offset and limit are coerced to integers. This prevents arbitrary SQL from being injected via a query limit.

  Example:

      UserQuery::create()->limit('1;DROP TABLE users')->find();

  Previously, this would have injected `DROP TABLE users` into the generated SQL. Now, the limit value would be coerced to the integer `1`. This is similar to the fix for Propel2 [1].

  Fixes #1052

  [1] propelorm/Propel2#1464

* Update Travis configuration to use installed phpunit

  From dev dependencies.

* Update Travis config to support PHP 5.3 correctly

  Per https://docs.travis-ci.com/user/reference/trusty#PHP-images

* Fix encoding issues in tests

  h/t @smhg
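The limit() injection described in the commit message, worked through as an added example. This is not Propel's code: it models the shape of a MySQL LIMIT clause builder (Propel 1 concatenates the clause in its MySQL adapter in much the same way) so that the unfixed path, the integer coercion this commit applies, and a stricter validating variant can be compared side by side. The function names, `MYSQL_ALL_ROWS`, `requireNonNegativeInt` and the `users` table are all hypothetical.

```php
<?php
declare(strict_types=1);

/*
 * Added example, not Propel's own code. Shows why interpolating limit and
 * offset into a MySQL LIMIT clause is injectable, what the (int) coercion
 * from this commit changes, and what it silently accepts.
 */

// MySQL's documented idiom for "all remaining rows" when only an offset is given.
const MYSQL_ALL_ROWS = '18446744073709551615';

// The clause builder. String concatenation like this is only safe when
// $offset and $limit are already integers; nothing here checks that.
function appendLimit(string $sql, $offset, $limit): string
{
    // Loose comparison: on both PHP 7 and PHP 8, '1;DROP TABLE users' > 0
    // evaluates to true, so an attacker-controlled string gets through.
    if ($limit > 0) {
        return $sql . ' LIMIT ' . ($offset > 0 ? $offset . ', ' : '') . $limit;
    }
    if ($offset > 0) {
        return $sql . ' LIMIT ' . $offset . ', ' . MYSQL_ALL_ROWS;
    }
    return $sql;
}

// The fix as applied in this commit: an explicit (int) cast. PHP keeps the
// leading digits ('1;DROP TABLE users' becomes 1) and turns anything
// non-numeric into 0, which the builder then treats as "no limit".
function limitQueryCoerced(string $sql, $offset, $limit): string
{
    return appendLimit($sql, (int) $offset, (int) $limit);
}

// Stricter alternative (hypothetical helper): accept only values that are
// genuinely non-negative integers and fail loudly on anything else, so a
// bad value is an error instead of a silently changed query.
function requireNonNegativeInt($value, string $name): int
{
    $int = filter_var($value, FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]);
    if ($int === false) {
        throw new InvalidArgumentException(sprintf(
            '%s must be a non-negative integer, got %s',
            $name,
            var_export($value, true)
        ));
    }
    return $int;
}

function limitQueryStrict(string $sql, $offset, $limit): string
{
    return appendLimit(
        $sql,
        requireNonNegativeInt($offset, 'offset'),
        requireNonNegativeInt($limit, 'limit')
    );
}

// Constructed demonstration input: the payload quoted in the commit message.
$base    = 'SELECT id, name FROM users';
$payload = '1;DROP TABLE users';

// Unfixed: the whole payload is appended, so a second statement rides along.
echo appendLimit($base, 0, $payload), PHP_EOL;

// Fixed as in this commit: the cast reduces the payload to LIMIT 1.
echo limitQueryCoerced($base, 0, $payload), PHP_EOL;

// The cast's blind spot: a non-numeric limit becomes 0, no LIMIT clause is
// appended at all, and the query returns every row rather than failing.
echo limitQueryCoerced($base, 0, 'abc'), PHP_EOL;

// Strict variant: the payload is rejected before any SQL is built.
try {
    limitQueryStrict($base, 0, $payload);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```

Two practical points follow from the example. First, the (int) cast closes the injection but hides caller bugs: `limit('abc')` quietly becomes an unbounded query, which is why this commit also casts at `Criteria::setLimit()`, the earliest point where the value enters, and why a validating check at that boundary is preferable to coercion alone (adjusting `requireNonNegativeInt` to allow whatever sentinel your code uses for "no limit"). Second, the usual advice to bind values as parameters does not straightforwardly apply here: with PDO's emulated prepares a bound value is quoted as a string unless it is explicitly bound as `PDO::PARAM_INT`, and MySQL rejects `LIMIT '1'` as a syntax error, so coercing to a real integer before building the clause is the standard fix for this spot.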
1 parent 3f7a284
commit b720932
Showing 8 changed files with 350 additions and 11 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,5 @@ | ||
SET NAMES utf8; | ||
|
||
DROP TABLE IF EXISTS book; | ||
DROP VIEW IF EXISTS view_book_titles; | ||
|
||
|
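Review bot: this fixture change is not covered by the commit message. None of its bullets says why a `view_book_titles` view is now dropped alongside `book` in the schema reset, or which test needs it; add a bullet (or a comment in the fixture) that says what the view is for. Also consider ordering the two statements the other way round, `DROP VIEW IF EXISTS view_book_titles;` before `DROP TABLE IF EXISTS book;`: if the view reads from `book`, as its name suggests, dropping the view first keeps the fixture usable on databases that refuse to drop a table a view still depends on (MySQL allows either order, but other engines do not without CASCADE).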