From e9d0002d4ed864f7193a07dcf1785af6ee62d98a Mon Sep 17 00:00:00 2001 From: Daniel Maya Date: Mon, 11 Dec 2023 15:26:57 +0100 Subject: [PATCH] #12630 Fixed double safe_input --- pandora_console/include/functions.php | 4 ++-- pandora_console/include/functions_config.php | 22 ++++++++++---------- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/pandora_console/include/functions.php b/pandora_console/include/functions.php index 0bb6612376..b03a69b3f7 100644 --- a/pandora_console/include/functions.php +++ b/pandora_console/include/functions.php @@ -6381,8 +6381,8 @@ function send_test_email( $params['email_smtpPort'] ); - $transport->setUsername($params['email_username']); - $transport->setPassword($params['email_password']); + $transport->setUsername(io_safe_output($params['email_username'])); + $transport->setPassword(io_output_password($params['email_password'])); if ($params['email_encryption']) { $transport->setEncryption($params['email_encryption']); diff --git a/pandora_console/include/functions_config.php b/pandora_console/include/functions_config.php index e47e84adeb..4798ed2b4f 100644 --- a/pandora_console/include/functions_config.php +++ b/pandora_console/include/functions_config.php @@ -193,7 +193,7 @@ function config_update_config() $error_update[] = __('Chromium config directory'); } - if (config_update_value('loginhash_pwd', io_input_password((string) get_parameter('loginhash_pwd')), true) === false) { + if (config_update_value('loginhash_pwd', (string) get_parameter('loginhash_pwd'), true, true) === false) { $error_update[] = __('Auto login (hash) password'); } @@ -237,7 +237,7 @@ function config_update_config() $error_update[] = __('IP list with API access'); } - if (config_update_value('api_password', io_input_password(get_parameter('api_password')), true) === false) { + if (config_update_value('api_password', get_parameter('api_password'), true, true) === false) { $error_update[] = __('API password'); } @@ -423,7 +423,7 @@ function config_update_config() $error_update[] = __('Email user'); } - if (config_update_value('email_password', io_input_password(get_parameter('email_password')), true) === false) { + if (config_update_value('email_password', get_parameter('email_password'), true, true) === false) { $error_update[] = __('Email password'); } @@ -463,7 +463,7 @@ function config_update_config() $error_update[] = __('Replication DB user'); } - if (config_update_value('replication_dbpass', io_input_password((string) get_parameter('replication_dbpass')), true) === false) { + if (config_update_value('replication_dbpass', (string) get_parameter('replication_dbpass'), true, true) === false) { $error_update[] = __('Replication DB password'); } @@ -688,7 +688,7 @@ function config_update_config() $error_update[] = __('Admin LDAP login'); } - if (config_update_value('ldap_admin_pass', io_input_password(get_parameter('ldap_admin_pass')), true) === false) { + if (config_update_value('ldap_admin_pass', get_parameter('ldap_admin_pass'), true, true) === false) { $error_update[] = __('Admin LDAP password'); } @@ -724,7 +724,7 @@ function config_update_config() $error_update[] = __('Admin secondary LDAP login'); } - if (config_update_value('ldap_admin_pass_secondary', io_input_password(get_parameter('ldap_admin_pass_secondary')), true) === false) { + if (config_update_value('ldap_admin_pass_secondary', get_parameter('ldap_admin_pass_secondary'), true, true) === false) { $error_update[] = __('Admin secondary LDAP password'); } @@ -772,7 +772,7 @@ function config_update_config() $error_update[] = __('User'); } - if (config_update_value('rpandora_pass', io_input_password(get_parameter('rpandora_pass')), true) === false) { + if (config_update_value('rpandora_pass', get_parameter('rpandora_pass'), true, true) === false) { $error_update[] = __('Password'); } @@ -1740,7 +1740,7 @@ function config_update_config() $error_update[] = __('Database user'); } - if (config_update_value('history_db_pass', io_input_password(get_parameter('history_db_pass')), true) === false) { + if (config_update_value('history_db_pass', get_parameter('history_db_pass'), true, true) === false) { $error_update[] = __('Database password'); } @@ -1888,7 +1888,7 @@ function config_update_config() $error_update[] = __('eHorus user'); } - if (config_update_value('ehorus_pass', io_input_password((string) get_parameter('ehorus_pass', $config['ehorus_pass'])), true) === false) { + if (config_update_value('ehorus_pass', (string) get_parameter('ehorus_pass', $config['ehorus_pass']), true, true) === false) { $error_update[] = __('eHorus password'); } @@ -1918,7 +1918,7 @@ function config_update_config() $error_update[] = __('Enable Pandora ITSM'); } - if (config_update_value('ITSM_token', io_input_password((string) get_parameter('ITSM_token', $config['ITSM_token'])), true) === false) { + if (config_update_value('ITSM_token', (string) get_parameter('ITSM_token', $config['ITSM_token']), true, true) === false) { $error_update[] = __('Pandora ITSM token'); } @@ -2179,7 +2179,7 @@ function config_process_config() } if (!isset($config['loginhash_pwd'])) { - config_update_value('loginhash_pwd', io_input_password((rand(0, 1000) * rand(0, 1000)).'pandorahash')); + config_update_value('loginhash_pwd', (rand(0, 1000) * rand(0, 1000)).'pandorahash', false, true); } if (!isset($config['trap2agent'])) {