tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

#11559 fixed error validate sql in meta

This commit is contained in:
Daniel Cebrian 2023-06-13 17:04:57 +02:00
parent 6a941f6cda
commit 75b25bd670
2 changed files with 32 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
pandora_console/godmode/reporting/reporting_builder.php
View File

@ -2198,10 +2198,6 @@ switch ($action) {
); );
if ($values['treport_custom_sql_id'] == 0) { if ($values['treport_custom_sql_id'] == 0) {
$sql = get_parameter('sql', ''); $sql = get_parameter('sql', '');
if ($sql !== '') {
$good_format = db_validate_sql($sql);
}
$values['external_source'] = $sql; $values['external_source'] = $sql;
} }
@ -2218,6 +2214,10 @@ switch ($action) {
} else { } else {
$values['server_name'] = get_parameter('combo_server'); $values['server_name'] = get_parameter('combo_server');
} }
if ($sql !== '') {
$good_format = db_validate_sql($sql, (is_metaconsole() === true) ? $values['server_name'] : false);
}
} else if ($values['type'] == 'url') { } else if ($values['type'] == 'url') {
$values['external_source'] = get_parameter('url'); $values['external_source'] = get_parameter('url');
} else if ($values['type'] == 'event_report_group') { } else if ($values['type'] == 'event_report_group') {
@ -2947,10 +2947,6 @@ switch ($action) {
); );
if ($values['treport_custom_sql_id'] == 0) { if ($values['treport_custom_sql_id'] == 0) {
$sql = get_parameter('sql', ''); $sql = get_parameter('sql', '');
if ($sql !== '') {
$good_format = db_validate_sql($sql);
}
$values['external_source'] = $sql; $values['external_source'] = $sql;
} }
@ -2958,6 +2954,19 @@ switch ($action) {
'historical_db_check' 'historical_db_check'
); );
$values['top_n_value'] = get_parameter('max_items'); $values['top_n_value'] = get_parameter('max_items');
if ($values['type'] === 'sql_graph_hbar'
|| ($values['type'] === 'sql_graph_vbar')
|| ($values['type'] === 'sql_graph_pie')
) {
$values['server_name'] = get_parameter('combo_server_sql');
} else {
$values['server_name'] = get_parameter('combo_server');
}
if ($sql !== '') {
$good_format = db_validate_sql($sql, (is_metaconsole() === true) ? $values['server_name'] : false);
}
} else if ($values['type'] == 'url') { } else if ($values['type'] == 'url') {
$values['external_source'] = get_parameter('url'); $values['external_source'] = get_parameter('url');
} else if ($values['type'] == 'event_report_group') { } else if ($values['type'] == 'event_report_group') {

17
pandora_console/include/functions_db.php
View File

@ -2560,12 +2560,21 @@ function db_get_column_type(string $table, string $column='')
/** /**
* Validate sql query. * Validate sql query.
* *
* @param string $sql Query for validate. * @param string $sql Query for validate.
* @param mixed $server Server name where sql must connect.
* *
* @return boolean True if query is valid. * @return boolean True if query is valid.
*/ */
function db_validate_sql(string $sql) function db_validate_sql(string $sql, $server=false)
{ {
if ($server !== false && is_metaconsole() === true) {
metaconsole_restore_db();
$setup = metaconsole_get_connection($server);
if (metaconsole_connect($setup) !== NOERR) {
return false;
}
}
try { try {
error_reporting(0); error_reporting(0);
db_process_sql_begin(); db_process_sql_begin();
@ -2578,5 +2587,9 @@ function db_validate_sql(string $sql)
error_reporting(E_ALL); error_reporting(E_ALL);
} }
if ($server !== false && is_metaconsole() === true) {
metaconsole_restore_db();
}
return ($result !== false) ? true : false; return ($result !== false) ? true : false;
} }