adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2025-02-07 12:36:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Check model names for bad characters as well.

Browse source
This commit is contained in:
mark_story 2017-12-12 13:45:33 -05:00
parent a9618f67f7
commit 340059be15
2 changed files with 8 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
lib/Cake/Controller/Controller.php
View file

@ -1049,10 +1049,14 @@ class Controller extends CakeObject implements CakeEventListener {
$op = ''; $op = '';
} }
$allowedChars = '#[^a-zA-Z0-9_ ]#';
$arrayOp = is_array($op); $arrayOp = is_array($op);
foreach ($data as $model => $fields) { foreach ($data as $model => $fields) {
if (preg_match($allowedChars, $model)) {
throw new RuntimeException("Unsafe operator found in {$model}");
}
foreach ($fields as $field => $value) { foreach ($fields as $field => $value) {
if (preg_match('#[^a-zA-Z0-9_ ]#', $field)) { if (preg_match($allowedChars, $field)) {
throw new RuntimeException("Unsafe operator found in {$model}.{$field}"); throw new RuntimeException("Unsafe operator found in {$model}.{$field}");
} }
$key = $model . '.' . $field; $key = $model . '.' . $field;

3
lib/Cake/Test/Case/Controller/ControllerTest.php
View file

@ -1199,6 +1199,9 @@ class ControllerTest extends CakeTestCase {
array( array(
array('Posts' => array('id IS NULL union all select posts.* from posts where id; --' => 1)) array('Posts' => array('id IS NULL union all select posts.* from posts where id; --' => 1))
), ),
array(
array('Post.id IS NULL; --' => array('id' => 1))
),
); );
} }