From 303b910527ae55d030ae8b79c10edec55a389e73 Mon Sep 17 00:00:00 2001 From: Daniel Cebrian Date: Mon, 22 May 2023 19:33:25 +0200 Subject: [PATCH 1/3] #11318 fixed error 500 --- .../godmode/reporting/reporting_builder.list_items.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/pandora_console/godmode/reporting/reporting_builder.list_items.php b/pandora_console/godmode/reporting/reporting_builder.list_items.php index 238f020004..a0c6004e20 100755 --- a/pandora_console/godmode/reporting/reporting_builder.list_items.php +++ b/pandora_console/godmode/reporting/reporting_builder.list_items.php @@ -518,8 +518,9 @@ foreach ($items as $item) { } $agent_name_db = implode('
', $agent_name_db); - - $module_name_db = implode('
', $modules); + if (is_array($modules) === true) { + $module_name_db = implode('
', $modules); + } } else { $agent_id = agents_get_agent_id_by_module_id($item['id_agent_module']); $agent_name = agents_get_name($agent_id); From 6b17837c4d96802be1a1fd5f58116e3a2fdb7ae8 Mon Sep 17 00:00:00 2001 From: Daniel Cebrian Date: Tue, 23 May 2023 18:02:03 +0200 Subject: [PATCH 2/3] #11318 added funcion for validate sql --- .../godmode/reporting/reporting_builder.php | 9 ++++--- pandora_console/include/functions_db.php | 25 +++++++++++++++++++ 2 files changed, 31 insertions(+), 3 deletions(-) diff --git a/pandora_console/godmode/reporting/reporting_builder.php b/pandora_console/godmode/reporting/reporting_builder.php index cd049f1d83..4e6e39fe19 100755 --- a/pandora_console/godmode/reporting/reporting_builder.php +++ b/pandora_console/godmode/reporting/reporting_builder.php @@ -2197,9 +2197,12 @@ switch ($action) { 'id_custom' ); if ($values['treport_custom_sql_id'] == 0) { - $values['external_source'] = get_parameter( - 'sql' - ); + $sql = get_parameter('sql', ''); + if ($sql !== '') { + $good_format = db_validate_sql($sql); + } + + $values['external_source'] = get_parameter('sql'); } $values['historical_db'] = get_parameter( diff --git a/pandora_console/include/functions_db.php b/pandora_console/include/functions_db.php index 1bd96221e9..aa21543ee6 100644 --- a/pandora_console/include/functions_db.php +++ b/pandora_console/include/functions_db.php @@ -2555,3 +2555,28 @@ function db_get_column_type(string $table, string $column='') return $result; } + + +/** + * Validate sql query. + * + * @param string $sql Query for validate. + * + * @return boolean True if query is valid. + */ +function db_validate_sql(string $sql) +{ + try { + error_reporting(0); + db_process_sql_begin(); + $result = db_process_sql(io_safe_output($sql)); + } catch (Exception $e) { + // Catch all posible errors. + $result = false; + } finally { + db_process_sql_rollback(); + error_reporting(E_ALL); + } + + return ($result !== false) ? true : false; +} From 25d1b2a5cd2af3b6b0d6328298137c596f4caf59 Mon Sep 17 00:00:00 2001 From: Daniel Cebrian Date: Tue, 23 May 2023 18:05:14 +0200 Subject: [PATCH 3/3] #11318 added funcion for validate sql when create item --- .../godmode/reporting/reporting_builder.php | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/pandora_console/godmode/reporting/reporting_builder.php b/pandora_console/godmode/reporting/reporting_builder.php index 4e6e39fe19..8b286b70ce 100755 --- a/pandora_console/godmode/reporting/reporting_builder.php +++ b/pandora_console/godmode/reporting/reporting_builder.php @@ -2202,7 +2202,7 @@ switch ($action) { $good_format = db_validate_sql($sql); } - $values['external_source'] = get_parameter('sql'); + $values['external_source'] = $sql; } $values['historical_db'] = get_parameter( @@ -2939,9 +2939,12 @@ switch ($action) { 'id_custom' ); if ($values['treport_custom_sql_id'] == 0) { - $values['external_source'] = get_parameter( - 'sql' - ); + $sql = get_parameter('sql', ''); + if ($sql !== '') { + $good_format = db_validate_sql($sql); + } + + $values['external_source'] = $sql; } $values['historical_db'] = get_parameter(