Commit dcec2f7

SQL security issue fix
1 parent 7a818c3 commit dcec2f7

8 files changed

+51
-49
lines changed

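--- a/classes/BlogCategory.php
+++ b/classes/BlogCategory.php
@@ -368,7 +368,7 @@ public static function getTotalPostOfChildParent( $all_child = array() ) {
 }
 
 public static function getAllChildCategory( $id_smart_blog_category, $current ) {
-$sql = 'select id_smart_blog_category from `' . _DB_PREFIX_ . 'smart_blog_category` where id_smart_blog_category = ' . $id_smart_blog_category;
+$sql = 'select id_smart_blog_category from `' . _DB_PREFIX_ . 'smart_blog_category` where id_smart_blog_category = ' . (int) $id_smart_blog_category;
 
 if ( ! $result = Db::getInstance()->executeS( $sql ) ) {
 return false;
@@ -388,7 +388,7 @@ public static function getAllChildCategory( $id_smart_blog_category, $current )
 }
 
 public static function haveChildCategory( $id_smart_blog_category ) {
-$sql = 'select count(id_smart_blog_category) as count from `' . _DB_PREFIX_ . 'smart_blog_category` where id_parent = ' . $id_smart_blog_category;
+$sql = 'select count(id_smart_blog_category) as count from `' . _DB_PREFIX_ . 'smart_blog_category` where id_parent = ' . (int) $id_smart_blog_category;
 
 if ( ! $result = Db::getInstance()->executeS( $sql ) ) {
 return false;
@@ -500,7 +500,7 @@ public static function getRootCategory( $id_lang = null ) {
 public static function getNameCategory( $id ) {
 $id_lang = (int) Context::getContext()->language->id;
 $sql = 'SELECT * FROM ' . _DB_PREFIX_ . 'smart_blog_category_lang pl, ' . _DB_PREFIX_ . 'smart_blog_category p
-WHERE pl.id_smart_blog_category=p.id_smart_blog_category AND p.id_smart_blog_category=' . $id . ' AND pl.id_lang = ' . $id_lang;
+WHERE pl.id_smart_blog_category=p.id_smart_blog_category AND p.id_smart_blog_category=' . (int) $id . ' AND pl.id_lang = ' . (int) $id_lang;
 if ( ! $result = Db::getInstance()->executeS( $sql ) ) {
 return false;
 }
@@ -629,7 +629,7 @@ public static function getCategory( $active = 1, $id_lang = null ) {
 }
 
 public static function getPostByCategory( $id_smart_blog_category ) {
-$sql = 'select count(id_smart_blog_post) as count from `' . _DB_PREFIX_ . 'smart_blog_post_category` where id_smart_blog_category = ' . $id_smart_blog_category;
+$sql = 'select count(id_smart_blog_post) as count from `' . _DB_PREFIX_ . 'smart_blog_post_category` where id_smart_blog_category = ' . (int) $id_smart_blog_category;
 
 if ( ! $result = Db::getInstance()->executeS( $sql ) ) {
 return false;
@@ -728,7 +728,7 @@ public static function getAllCategoriesName( $root_category = null, $id_lang = f
 
 public static function getCatName( $id ) {
 $id_lang = (int) Context::getContext()->language->id;
-$sql = 'SELECT pl.name FROM ' . _DB_PREFIX_ . 'smart_blog_category_lang pl join ' . _DB_PREFIX_ . 'smart_blog_post_category as p3 on pl.id_smart_blog_category=p3.id_smart_blog_category WHERE pl.id_smart_blog_category=' . $id . ' AND pl.id_lang = ' . $id_lang;
+$sql = 'SELECT pl.name FROM ' . _DB_PREFIX_ . 'smart_blog_category_lang pl join ' . _DB_PREFIX_ . 'smart_blog_post_category as p3 on pl.id_smart_blog_category=p3.id_smart_blog_category WHERE pl.id_smart_blog_category=' . (int) $id . ' AND pl.id_lang = ' . (int) $id_lang;
 
 if ( ! $result = Db::getInstance()->executeS( $sql ) ) {
 return false;
@@ -738,7 +738,7 @@ public static function getCatName( $id ) {
 
 public static function getCatLinkRewrite( $id ) {
 $id_lang = (int) Context::getContext()->language->id;
-$sql = 'SELECT pl.link_rewrite FROM ' . _DB_PREFIX_ . 'smart_blog_category_lang pl join ' . _DB_PREFIX_ . 'smart_blog_post_category as p3 on pl.id_smart_blog_category=p3.id_smart_blog_category WHERE pl.id_smart_blog_category=' . $id . ' AND pl.id_lang = ' . $id_lang;
+$sql = 'SELECT pl.link_rewrite FROM ' . _DB_PREFIX_ . 'smart_blog_category_lang pl join ' . _DB_PREFIX_ . 'smart_blog_post_category as p3 on pl.id_smart_blog_category=p3.id_smart_blog_category WHERE pl.id_smart_blog_category=' . (int) $id . ' AND pl.id_lang = ' . (int) $id_lang;
 if ( ! $result = Db::getInstance()->executeS( $sql ) ) {
 return false;
 }
@@ -768,7 +768,7 @@ public static function getNestedCategories( $root_category = null, $id_lang = fa
 FROM `' . _DB_PREFIX_ . 'smart_blog_category` c
 ' . ( $use_shop_restriction ? Shop::addSqlAssociation( 'smart_blog_category', 'c' ) : '' ) . '
 LEFT JOIN `' . _DB_PREFIX_ . 'smart_blog_category_lang` cl ON c.`id_smart_blog_category` = cl.`id_smart_blog_category`
-WHERE 1 ' . $sql_filter . ' ' . ( $id_lang ? 'AND cl.`id_lang` = ' . (int) $id_lang : '' ) . '
+WHERE 1 ' . $sql_filter . ' ' . ( (int) $id_lang ? 'AND cl.`id_lang` = ' . (int) $id_lang : '' ) . '
 ' . ( $active ? ' AND c.`active` = 1' : '' ) . '
 ' . ( $sql_limit != '' ? $sql_limit : '' )
 );
@@ -811,8 +811,8 @@ public static function updateAssocCat( $id_post ) {
 if ( is_array( $cats ) ) {
 foreach ( $cats as $cat ) {
 $insert[] = array(
-'id_smart_blog_category' => $cat,
-'id_smart_blog_post' => $id_post,
+'id_smart_blog_category' => (int) $cat,
+'id_smart_blog_post' => (int) $id_post,
 );
 }
 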
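Review bot: In the getNestedCategories hunk `$sql_filter` and `$sql_limit` are still spliced into the query as raw strings on the `WHERE 1 ' . $sql_filter` and `$sql_limit != '' ? $sql_limit` lines, while the same hunk now casts `$id_lang`; both are assembled above the hunk, outside this view, so whether they are derived from `$root_category` or a caller-supplied limit cannot be confirmed here. If they are, the integer cast belongs where they are built, e.g. `'AND c.`id_parent` = ' . (int) $root_category` and `'LIMIT ' . (int) $start . ', ' . (int) $limit`; if they are constant strings, a one-line comment at their assignment saying so would make the next audit self-evident. The `(int) $id_lang ?` change is behaviour-preserving only for numeric strings — a non-numeric `$id_lang` that was previously truthy now drops the language filter silently, which is the safer outcome but worth a comment such as `// non-numeric id_lang disables the language filter rather than being interpolated`. getNestedCategories starts and ends outside the hunk.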

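--- a/classes/BlogPostCategory.php
+++ b/classes/BlogPostCategory.php
@@ -45,8 +45,8 @@ public static function getToltalByCategory($id_lang, $id_category, $limit_start,
 $sql = 'SELECT * FROM ' . _DB_PREFIX_ . 'smart_blog_post_lang pl INNER JOIN
 ' . _DB_PREFIX_ . 'smart_blog_post p ON pl.id_smart_blog_post=p.id_smart_blog_post INNER JOIN
 ' . _DB_PREFIX_ . 'smart_blog_post_category pc ON p.id_smart_blog_post=pc.id_smart_blog_post
-WHERE pl.id_lang=' . $id_lang . ' and p.active = 1 AND pc.id_smart_blog_category = ' . $id_category . '
-ORDER BY p.id_smart_blog_post DESC LIMIT ' . $limit_start . ',' . $limit;
+WHERE pl.id_lang=' . (int) $id_lang . ' and p.active = 1 AND pc.id_smart_blog_category = ' . (int) $id_category . '
+ORDER BY p.id_smart_blog_post DESC LIMIT ' . (int) $limit_start . ',' . (int) $limit;
 
 if (!$posts = Db::getInstance()->executeS($sql))
 return false;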
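Review bot: The `(int)` casts on the `LIMIT` line close the injection path but a negative `$limit_start` or `$limit` still produces `LIMIT -1,...`, which MySQL rejects as a syntax error, so executeS fails and the function returns false exactly as it does for an empty result, making the two cases indistinguishable to the caller. Clamping at the same spot keeps the interface unchanged: `ORDER BY p.id_smart_blog_post DESC LIMIT ' . max(0, (int) $limit_start) . ',' . max(0, (int) $limit);`. A short comment such as `// ids and paging values are cast to int; this query is built by concatenation and has no placeholders` would record why the casts are load-bearing. getToltalByCategory's signature and the rest of its body lie outside the hunk.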

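--- a/classes/BlogTag.php
+++ b/classes/BlogTag.php
@@ -59,7 +59,7 @@ public static function TagExists( $tag, $id_lang = null ) {
 $id_lang = (int) Context::getContext()->language->id;
 }
 
-$sql = 'SELECT id_tag FROM ' . _DB_PREFIX_ . 'smart_blog_tag WHERE id_lang=' . $id_lang . ' AND name="' . $tag . '"';
+$sql = 'SELECT id_tag FROM ' . _DB_PREFIX_ . 'smart_blog_tag WHERE id_lang=' . (int) $id_lang . ' AND name="' . $tag . '"';
 
 if ( ! $posts = Db::getInstance()->executeS( $sql ) ) {
 return false;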
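Review bot: The new line casts `$id_lang` but leaves `$tag` concatenated unescaped inside `name="' . $tag . '"`, so a tag value containing a double quote still terminates the literal and the SQL injection this commit is titled for remains open in TagExists; `$id_lang` was already cast on the line above in one branch, so the string operand was the riskier one. Assuming this module runs inside PrestaShop, as `Db::getInstance()` and `_DB_PREFIX_` suggest, its `pSQL()` escaper is the conventional fix, and switching to single quotes keeps the literal valid under `ANSI_QUOTES`: `$sql = 'SELECT id_tag FROM ' . _DB_PREFIX_ . 'smart_blog_tag WHERE id_lang=' . (int) $id_lang . ' AND name=\'' . pSQL($tag) . '\'';`. TagExists starts outside the hunk.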

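--- a/classes/Blogcomment.php
+++ b/classes/Blogcomment.php
@@ -67,7 +67,7 @@ public function addComment($id_post, $comment, $value, $id_parent)
 if ($id_parent == '' && $id_parent == null) {
 $id_parent = 0;
 }
-$sql = 'INSERT INTO ' . _DB_PREFIX_ . 'smart_blog_comment(id_post,name,email,content,website,id_parent, active) VALUES (' . (int) $id_post . ', \'' . $comment['name'] . '\', \'' . $comment['mail'] . '\', \'' . $comment['comment'] . '\', \'' . $comment['website'] . '\', ' . $id_parent . ', ' . $value . ')';
+$sql = 'INSERT INTO ' . _DB_PREFIX_ . 'smart_blog_comment(id_post,name,email,content,website,id_parent, active) VALUES (' . (int) $id_post . ', \'' . $comment['name'] . '\', \'' . $comment['mail'] . '\', \'' . $comment['comment'] . '\', \'' . $comment['website'] . '\', ' . (int) $id_parent . ', ' . $value . ')';
 if (!Db::getInstance()->execute($sql))
 return false;
 }
@@ -78,7 +78,7 @@ public function getChildComment($id_parent)
 $child_comments = NULL;
 
 $sql = 'SELECT * FROM ' . _DB_PREFIX_ . 'smart_blog_comment
-WHERE active=1 AND id_parent=' . $id_parent;
+WHERE active=1 AND id_parent=' . (int) $id_parent;
 if (!$child_comments = DB::getInstance()->executeS($sql))
 return false;
 $j = 0;
@@ -104,7 +104,7 @@ public function getComment($id_post)
 {
 
 $sql = 'SELECT * FROM ' . _DB_PREFIX_ . 'smart_blog_comment
-WHERE active=1 AND id_parent=0 AND id_post=' . $id_post;
+WHERE active=1 AND id_parent=0 AND id_post=' . (int) $id_post;
 if (!$comments = DB::getInstance()->executeS($sql))
 return false;
 $i = 0;
@@ -160,7 +160,7 @@ public static function getToltalComment($id)
 {
 
 $sql = 'SELECT id_post FROM ' . _DB_PREFIX_ . 'smart_blog_comment
-WHERE id_post=' . $id . '
+WHERE id_post=' . (int) $id . '
 AND active=1';
 if (!$posts = Db::getInstance()->executeS($sql))
 return false;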
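Review bot: The addComment INSERT casts `$id_parent` now but still interpolates `$comment['name']`, `$comment['mail']`, `$comment['comment']` and `$comment['website']` as unescaped single-quoted strings and `$value` as a bare integer, and visitor comment fields are the most untrusted input in this module, so a single quote in any of them still breaks out of the literal. If this is PrestaShop, as `Db::getInstance()` and `_DB_PREFIX_` indicate, wrapping each string in `pSQL()` and casting `$value` closes the gap without changing the interface: `VALUES (' . (int) $id_post . ', \'' . pSQL($comment['name']) . '\', \'' . pSQL($comment['mail']) . '\', \'' . pSQL($comment['comment']) . '\', \'' . pSQL($comment['website']) . '\', ' . (int) $id_parent . ', ' . (int) $value . ')'`. addComment's signature is outside the hunk; the three SELECT hunks below it only take integer ids and are fully covered by the casts.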
