fix reported problems

This commit is contained in:
ralf 2024-06-20 11:12:09 +02:00
parent 3d5a9b63ae
commit 553829d30c
5 changed files with 44 additions and 4 deletions

View File

@ -757,7 +757,7 @@ class Db
* @throws Db\Exception\InvalidSql for SQL syntax errors
* @throws Db\Exception with $this->Link_ID->ErrorNo() as code for all other errors
*/
function query($Query_String, $line = '', $file = '', $offset=0, $num_rows=-1, $inputarr=false, $fetchmode=self::FETCH_BOTH, $reconnect=true)
function query($Query_String, $line = '', $file = '', int $offset=0, int $num_rows=-1, $inputarr=false, $fetchmode=self::FETCH_BOTH, $reconnect=true)
{
if ($Query_String == '')
{
@ -2291,7 +2291,7 @@ class Db
{
return $sql;
}
return $this->query($sql,$line,$file,$offset,$offset===False ? -1 : (int)$num_rows,false,$fetchmode);
return $this->query($sql, $line, $file, (int)$offset, $offset===False ? -1 : (int)$num_rows, false, $fetchmode);
}
/**

View File

@ -336,7 +336,7 @@ class Nextmatch extends Etemplate\Widget
// Parse sort into something that get_rows functions are expecting: db_field in order, ASC/DESC in sort
if(is_array($value['sort']))
{
$value['order'] = $value['sort']['id'];
$value['order'] = preg_match('/^[a-z0-9_]+$/', $value['sort']['id']) ? $value['sort']['id'] : '';
$value['sort'] = $value['sort']['asc'] ? 'ASC' : 'DESC';
}

View File

@ -812,6 +812,11 @@ class Link extends Link\Storage
$options['num_rows'] = max((int)$GLOBALS['egw_info']['user']['preference']['common']['maxmatchs'], self::DEFAULT_NUM_ROWS);
}
if (isset($options['order']) && !preg_match(preg_match('/^[a-z0-9_]+$/', $options['order'])))
{
unset($options['order'], $options['sort']);
}
$result = self::exec($method, array($pattern, &$options));
if (!isset($options['total']))

View File

@ -966,6 +966,8 @@ class Base
$num_rows = 0; // as spec. in max_matches in the user-prefs
if (is_array($start)) list($start,$num_rows) = $start+[null,null];
$order_by = self::sanitizeOrderBy($order_by);
// fix GROUP BY clause to contain all non-aggregate selected columns
if ($order_by && stripos($order_by,'GROUP BY') !== false)
{
@ -1066,6 +1068,39 @@ class Base
return $arr;
}
/**
* Sanitize (currently just remove) not understood ORDER BY clause
*
* @param string $fragment SQL fragment containing ORDER BY clause, could also contain GROUP BY etc
* @return string sanitized version of $_order_by
*/
static function sanitizeOrderBy(string $fragment)
{
// check fragment contains ORDER BY --> just operate on what's behind
if (stripos($fragment,'ORDER BY') !== false)
{
[$group_by, $order_by] = preg_split('/order +by +/i', $fragment);
}
// check fragment not just contain GROUP BY or HAVING --> nothing to do
elseif ($fragment === '' || stripos($fragment,'GROUP BY')!==false || stripos($fragment,'HAVING')!==false)
{
return $fragment;
}
// fragment is ORDER BY clause
else
{
$order_by = $fragment;
}
if (!preg_match_all("/(#?[a-zA-Z_.]+) *(<> *''|IS NULL|IS NOT NULL|& *\d+)? *(ASC|DESC)?(,|$)/ui", $order_by, $all_matches) ||
$order_by !== implode('', $all_matches[0]))
{
//error_log(__METHOD__."(".json_encode($fragment).") REMOVED");
return $group_by??'';
}
return $fragment;
}
/**
* Parse an array of search criteria into something that can be passed on
* to the DB

View File

@ -821,7 +821,7 @@ class infolog_so
}
}
$sortbycf='';
if (!empty($query['order']) && (preg_match('/^[a-z_0-9, ]+$/i',$query['order']) || stripos($query['order'],'#')!==FALSE ) &&
if (!empty($query['order']) && preg_match('/^#?[a-z_0-9, ]+$/i',$query['order']) &&
(empty($query['sort']) || is_string($query['sort']) && preg_match('/^(DESC|ASC)$/i',$query['sort'])))
{
$order = array();