From: Janusz Dobrowolski
Date: Thu, 11 Nov 2010 09:58:56 +0000 (+0000)
Subject: Fixed implode() injection vulnerabilities.
X-Git-Tag: v2.4.2~19^2~498
X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=commitdiff_plain;h=d7d4e546bbf0f2d13ff86287b0a0fdd9b88f1c64;p=fa-stable.git

Fixed implode() injection vulnerabilities.
---
diff --git a/includes/db/crm_contacts_db.inc b/includes/db/crm_contacts_db.inc
index 3f34b70e..8e1c045e 100644
--- a/includes/db/crm_contacts_db.inc
+++ b/includes/db/crm_contacts_db.inc
@@ -150,6 +150,9 @@ function update_person_contacts($id, $cat_ids, $entity_id=null)
 $ret = db_query($sql, "Can't delete person contacts");
+ foreach($cat_ids as $n => $id)
+ $cat_ids[$n] = db_escape($id);
+
 if($ret && count($cat_ids)) {
 array_walk($cat_ids,'db_escape');
 $sql = "INSERT INTO ".TB_PREF."crm_contacts (person_id,type,action,entity_id)
diff --git a/sales/includes/db/cust_trans_details_db.inc b/sales/includes/db/cust_trans_details_db.inc
index 4300e94b..2656e544 100644
--- a/sales/includes/db/cust_trans_details_db.inc
+++ b/sales/includes/db/cust_trans_details_db.inc
@@ -25,7 +25,7 @@ if (!is_array($debtor_trans_no))
 $tr=array();
 foreach ($debtor_trans_no as $trans_no)
- $tr[] = 'debtor_trans_no='.$trans_no;
+ $tr[] = 'debtor_trans_no='.db_escape($trans_no);
 $sql .= implode(' OR ', $tr);
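Review bot: The new loop in update_person_contacts reuses the function's own `$id` parameter as its loop variable (`foreach($cat_ids as $n => $id)`), so once the loop finishes `$id` holds the last category id instead of the person id; the INSERT built a few lines later continues outside the hunk, and if it references `$id` for the person_id column the contacts would be attached to the wrong person. Use a distinct name: `foreach($cat_ids as $n => $cat_id)` / `$cat_ids[$n] = db_escape($cat_id);`. The `array_walk($cat_ids,'db_escape');` kept as context below never escaped anything, because array_walk discards the callback's return value and db_escape does not modify its argument in place, which is presumably how the implode() stayed injectable; with the foreach in place it is dead code and should be removed so nobody reads it as a second escaping pass. The enclosing function ends outside the hunk.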