diff options
author | Maurício Meneghini Fauth <mauricio@fauth.dev> | 2020-07-03 23:45:58 +0300 |
---|---|---|
committer | Maurício Meneghini Fauth <mauricio@fauth.dev> | 2020-07-03 23:45:58 +0300 |
commit | d09ab9bc9d634ad08b866d42bb8c4109869d38d2 (patch) | |
tree | cb6c3478fa0e376339a827105f5a3a2606af1e23 /libraries | |
parent | cf678a04fcb1444c26640c903fcea41fd3987fdf (diff) |
Check where clause signature in TableSearchController
Signed-off-by: Maurício Meneghini Fauth <mauricio@fauth.dev>
Diffstat (limited to 'libraries')
-rw-r--r-- | libraries/classes/Controllers/Table/TableSearchController.php | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/libraries/classes/Controllers/Table/TableSearchController.php b/libraries/classes/Controllers/Table/TableSearchController.php index 16ed3fe1fd..e9f1e48e05 100644 --- a/libraries/classes/Controllers/Table/TableSearchController.php +++ b/libraries/classes/Controllers/Table/TableSearchController.php @@ -8,6 +8,7 @@ namespace PhpMyAdmin\Controllers\Table; use PhpMyAdmin\Controllers\TableController; +use PhpMyAdmin\Core; use PhpMyAdmin\DatabaseInterface; use PhpMyAdmin\Relation; use PhpMyAdmin\Sql; @@ -345,13 +346,15 @@ class TableSearchController extends TableController ); //Append it to row array as where_clause $row['where_clause'] = $uniqueCondition[0]; + $row['where_clause_sign'] = Core::signSqlQuery($uniqueCondition[0]); $tmpData = array( $_POST['criteriaColumnNames'][0] => $row[$_POST['criteriaColumnNames'][0]], $_POST['criteriaColumnNames'][1] => $row[$_POST['criteriaColumnNames'][1]], - 'where_clause' => $uniqueCondition[0] + 'where_clause' => $uniqueCondition[0], + 'where_clause_sign' => Core::signSqlQuery($uniqueCondition[0]) ); $tmpData[$dataLabel] = ($dataLabel) ? $row[$dataLabel] : ''; $data[] = $tmpData; @@ -419,6 +422,10 @@ class TableSearchController extends TableController */ public function getDataRowAction() { + if (! Core::checkSqlQuerySignature($_POST['where_clause'], $_POST['where_clause_sign'])) { + return; + } + $extra_data = array(); $row_info_query = 'SELECT * FROM ' . Util::backquote($_POST['db']) . '.' . Util::backquote($_POST['table']) . ' WHERE ' . $_POST['where_clause']; |