Commit 6a8a56106b61375ed7bbf7d41955f6fad21e7b87

Authored by Conrad Vermeulen
1 parent 390d877b

WSA-111

"DocumentType is not escaped correctly on query to database"
Fixed.

Committed By: Conrad Vermeulen
Reviewed By: Megan Watson

git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@8079 c91229c3-7414-0410-bfa2-8a42b809f60b
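--- a/ktapi/ktapi.inc.php
+++ b/ktapi/ktapi.inc.php
@@ -361,11 +361,11 @@ class KTAPI
 */
 function get_documenttypeid($documenttype)
 {
-$sql = "SELECT id FROM document_types_lookup WHERE name='$documenttype' and disabled=0";
+$sql = array("SELECT id FROM document_types_lookup WHERE name=? and disabled=0", $documenttype);
 $row = DBUtil::getOneResult($sql);
 if (is_null($row) || PEAR::isError($row))
 {
-return new PEAR_Error(KTAPI_ERROR_DOCUMENT_TYPE_INVALID);
+return new KTAPI_DocumentTypeError(KTAPI_ERROR_DOCUMENT_TYPE_INVALID, $row);
 }
 $documenttypeid = $row['id'];
 return $documenttypeid;
@@ -373,7 +373,7 @@ class KTAPI
 
 function get_link_type_id($linktype)
 {
-$sql = "SELECT id FROM document_link_types WHERE name='$linktype'";
+$sql = array("SELECT id FROM document_link_types WHERE name=?",$linktype);
 $row = DBUtil::getOneResult($sql);
 if (is_null($row) || PEAR::isError($row))
 {
@@ -426,10 +426,22 @@ class KTAPI
 return $result;
 }
 
+/**
+* This should actually not be in ktapi, but in webservice
+*
+* @param unknown_type $document_type
+* @return unknown
+*/
 function get_document_type_metadata($document_type='Default')
 {
 // now get document type specifc ids
 $typeid =$this->get_documenttypeid($document_type);
+
+if (is_a($typeid, 'KTAPI_DocumentTypeError'))
+{
+return $typeid;
+}
+
 if (is_null($typeid) || PEAR::isError($typeid))
 {
 $response['message'] = $typeid->getMessage();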
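Review bot: The `is_a($typeid, 'KTAPI_DocumentTypeError')` early return added in get_document_type_metadata refers to a class this commit uses in two places but never declares, so it depends on KTAPI_DocumentTypeError already existing elsewhere; if that class extends PEAR_Error, the `PEAR::isError($typeid)` branch just below would also have matched it, and the early return only changes which value the caller receives, which a comment such as `// hand the typed error back unchanged so the webservice can map it to an invalid-document-type status` would make explicit. `$typeid instanceof KTAPI_DocumentTypeError` is the usual PHP 5 spelling of the same test. In get_documenttypeid the second constructor argument `$row` is null on the no-match path and a PEAR_Error only when DBUtil returned one, so the new error object cannot be relied on to carry a cause. get_document_type_metadata continues past the end of the hunk.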
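--- a/ktwebservice/nunit/document_system_metadata.cs
+++ b/ktwebservice/nunit/document_system_metadata.cs
@@ -125,6 +125,13 @@ namespace MonoTests.KnowledgeTree
 Assert.AreEqual("2007-01-17 00:00:00", update_resp.created_date);
 }
 
+[Test]
+public void TestBadCharsInDocType()
+{
+kt_metadata_response resp = this._kt.get_document_type_metadata(this._session, "'''´`\"\"\\/:&;!.~,$%()|<>#=[]*?");
+Assert.AreEqual(26, resp.status_code);
+}
+
 [Test]
 public void CheckinSmallDocumentWithMetadataTest()
 {
@@ -173,7 +180,7 @@ namespace MonoTests.KnowledgeTree
 Assert.AreEqual("2007-01-17 00:00:00", update_resp.created_date);
 }
 
-[Test]
+//[Test]
 public void AddDocumentWithMetadataTest()
 {
 kt_metadata_fieldset[] fs = new kt_metadata_fieldset[1];
@@ -210,7 +217,7 @@ namespace MonoTests.KnowledgeTree
 
 
 
-for (int i =0;i<2;i++)
+for (int i =0;i<1;i++)
 {
 FileUploader uploader = new FileUploader( );
 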
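Review bot: Replacing `[Test]` with `//[Test]` on AddDocumentWithMetadataTest removes the test from the run without recording why; NUnit's `[Ignore("reason")]` keeps it visible as skipped and carries the explanation, and a reference to the ticket would be enough. The `i<2` to `i<1` change in the following hunk leaves a loop that runs exactly once, so the loop header no longer says anything about the intended upload count. In the new TestBadCharsInDocType the expected `26` is a bare number; a comment naming the status it stands for (presumably the invalid-document-type status set in webservice.php in this same commit) would tie the assertion to the fix. The enclosing test class begins and ends outside these hunks.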
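--- a/ktwebservice/webservice.php
+++ b/ktwebservice/webservice.php
@@ -3279,9 +3279,10 @@ class KTWebService
 return new SOAP_Value('return',"{urn:$this->namespace}kt_metadata_response", $kt);
 }
 
-$response = KTWebService::_status(KTWS_ERR_INVALID_DOCUMENT);
+$response = KTWebService::_status(KTWS_ERR_INVALID_DOCUMENT_TYPE);
 
 $metadata = $kt->get_document_type_metadata($document_type);
+
 if (PEAR::isError($metadata))
 {
 $response['message'] = $metadata->getMessage();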
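Review bot: The `PEAR::isError($metadata)` branch after the call handles the KTAPI_DocumentTypeError that get_document_type_metadata now returns early only if that class passes PEAR::isError, i.e. is a PEAR_Error subclass; nothing in this commit shows its declaration, and if it is not one the error object falls through to the code below as though it were a metadata result. A comment on the call, `// get_document_type_metadata returns a KTAPI_DocumentTypeError (PEAR_Error) for an unknown type`, would state the assumption the status mapping relies on, and widening the test to `if (is_a($metadata, 'KTAPI_DocumentTypeError') || PEAR::isError($metadata))` would make it hold either way. The default `$response` is now built from KTWS_ERR_INVALID_DOCUMENT_TYPE before the call, but the enclosing method and the rest of the error branch lie outside the hunk.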