From 8e48c164066126cd891e46c63ffb604125ff70e8 Mon Sep 17 00:00:00 2001
From: Janusz Dobrowolski
Date: Sat, 8 Sep 2012 13:25:38 +0200
Subject: [PATCH] Security cleanup on 'where' parameter in a couple of list helpers.

---
 includes/ui/ui_lists.inc | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/includes/ui/ui_lists.inc b/includes/ui/ui_lists.inc
index 0240b953..47d7d7e0 100644
--- a/includes/ui/ui_lists.inc
+++ b/includes/ui/ui_lists.inc
@@ -709,7 +709,7 @@ $options = array(
 if (!$showclosed)
 $options['where'][] = "closed=0";
 if($showtype)
- $options['where'][] = "type_=$showtype";
+ $options['where'][] = "type_=".db_escape($showtype);
 return combo_input($name, $selected_id, $sql, 'id', 'ref', $options);
 }
 
@@ -889,7 +889,7 @@ function stock_component_items_list($name, $parent_stock_id, $selected_id=null,
 $all_option=false, $submit_on_change=false, $editkey = false)
 {
 return stock_items_list($name, $selected_id, $all_option, $submit_on_change,
- array('where'=>array("stock_id != '$parent_stock_id'")), $editkey);
+ array('where'=>array("stock_id != ".db_escape($parent_stock_id))), $editkey);
 }
 
 function stock_component_items_list_cells($label, $name, $parent_stock_id,
@@ -898,7 +898,7 @@ function stock_component_items_list_cells($label, $name, $parent_stock_id,
 if ($label != null)
 echo "$label\n";
 echo stock_items_list($name, $selected_id, $all_option, $submit_on_change,
- array('where'=>array("stock_id != '$parent_stock_id'"), 'cells'=>true),
+ array('where'=>array("stock_id != ".db_escape($parent_stock_id)), 'cells'=>true),
 $editkey);
 }
 //------------------------------------------------------------------------------------
-- 
2.30.2
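Review bot: The new `type_` filter in the first hunk still depends on `db_escape()` choosing the quoting and on MySQL coercing the result against what is presumably a numeric type column; the guard `if($showtype)` already treats the value as an id, so an explicit cast states the intent and removes the dependency on an escaping helper not visible in this patch: `$options['where'][] = "type_=".(int)$showtype;`. If `type_` can legitimately hold non-numeric values this cast is wrong, so confirm against the table definition before applying it. The enclosing function's signature and the construction of `$options` lie above the hunk, so where `$showtype` comes from cannot be checked here.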
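Review bot: Dropping the explicit single quotes around `$parent_stock_id` in the second hunk moves responsibility for quoting entirely into `db_escape()`; if a caller ever passes a non-string (an integer-looking stock code), the clause presumably becomes `stock_id != 123` and MySQL then compares the varchar column numerically, so a code such as `'123abc'` would also be excluded. Pinning the type before escaping closes that gap: `array('where'=>array("stock_id != ".db_escape((string)$parent_stock_id))), $editkey);`. A short comment on the line, `// db_escape() supplies the quotes; do not add them here`, would also stop the next reader from re-adding them and double-quoting the literal. The first line of the `stock_component_items_list` signature appears only as hunk-header context, so its parameter defaults are outside the hunk.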
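Review bot: The `'cells'=>true` variant in the third hunk now rebuilds the identical `stock_id != ".db_escape($parent_stock_id)` clause that `stock_component_items_list` builds above, so the two copies will drift the next time the escaping rule changes, which is exactly why this commit had to patch the same expression twice. A tiny helper keeps one copy: `function stock_component_where($parent_stock_id) { return array("stock_id != ".db_escape($parent_stock_id)); }` with both callers passing `'where'=>stock_component_where($parent_stock_id)`. The signature of `stock_component_items_list_cells` starts above the hunk, so the remaining parameters and their defaults are not visible here.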