extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-11-26 09:53:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

fixed allowed memory size exceeded error, if trying to read history from a ldap or ads contact with an id starting with a letter, did an unlimited query for all history-log entries of addressbook

Browse Source
This commit is contained in:
Ralf Becker 2013-06-29 16:44:55 +00:00
parent 5e153a1a48
commit bca1712229
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
phpgwapi/inc/class.historylog.inc.php
View File

@ -153,7 +153,7 @@ class historylog
*/ */
function search($filter,$order='history_id',$sort='DESC') function search($filter,$order='history_id',$sort='DESC')
{ {
if (!is_array($filter)) $filter = (int)$filter ? array('history_record_id' => $filter) : array(); if (!is_array($filter)) $filter = is_numeric($filter) ? array('history_record_id' => $filter) : array();
if (!$_orderby || !preg_match('/^[a-z0-9_]+$/i',$_orderby) || !preg_match('/^(asc|desc)?$/i',$sort)) if (!$_orderby || !preg_match('/^[a-z0-9_]+$/i',$_orderby) || !preg_match('/^(asc|desc)?$/i',$sort))
{ {
@ -173,6 +173,9 @@ class historylog
} }
if (!isset($filter['history_appname'])) $filter['history_appname'] = $this->appname; if (!isset($filter['history_appname'])) $filter['history_appname'] = $this->appname;
// do not try to read all history entries of an app
if (!$filter['history_record_id']) return array();
$rows = array(); $rows = array();
foreach($this->db->select(self::TABLE,'*',$filter,__LINE__,__FILE__,false,$orderby) as $row) foreach($this->db->select(self::TABLE,'*',$filter,__LINE__,__FILE__,false,$orderby) as $row)
{ {
@ -274,7 +277,10 @@ class historylog
*/ */
function return_array($filter_out,$only_show,$_orderby,$sort, $record_id) function return_array($filter_out,$only_show,$_orderby,$sort, $record_id)
{ {
if (!is_numeric($record_id))
{
return array();
}
if (!$_orderby || !preg_match('/^[a-z0-9_]+$/i',$_orderby) || !preg_match('/^(asc|desc)?$/i',$sort)) if (!$_orderby || !preg_match('/^[a-z0-9_]+$/i',$_orderby) || !preg_match('/^(asc|desc)?$/i',$sort))
{ {
$orderby = 'ORDER BY history_timestamp,history_id'; $orderby = 'ORDER BY history_timestamp,history_id';