From 61c7f15e15493c1d49752bde49678d5528ac2e83 Mon Sep 17 00:00:00 2001
From: Dan Marsden
Date: Thu, 30 Apr 2020 13:39:33 +1200
Subject: [PATCH] Fix #466 - sanity check sort var before using.

---
 absentee.php | 6 ++++++
 coursesummary.php | 8 +++++++-
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/absentee.php b/absentee.php
index 9badad8..1fcc288 100644
--- a/absentee.php
+++ b/absentee.php
@@ -101,6 +101,12 @@ $table->setup();
 $sortcolumns = $table->get_sort_columns();
 // Now do sorting if specified.
+// Sanity check $sort var before including in sql. Make sure it matches a known column.
+$allowedsort = array_diff(array_keys($table->columns), $table->column_nosort);
+if (!in_array($sort, $allowedsort)) {
+ $sort = '';
+}
+
 $orderby = ' ORDER BY percent ASC';
 if (!empty($sort)) {
 $direction = ' DESC';
diff --git a/coursesummary.php b/coursesummary.php
index 3d2bf51..45f4488 100644
--- a/coursesummary.php
+++ b/coursesummary.php
@@ -94,8 +94,14 @@ $table->setup();
 // Work out direction of sort required.
 $sortcolumns = $table->get_sort_columns();
-// Now do sorting if specified.
+// Sanity check $sort var before including in sql. Make sure it matches a known column.
+$allowedsort = array_diff(array_keys($table->columns), $table->column_nosort);
+if (!in_array($sort, $allowedsort)) {
+ $sort = '';
+}
+
+// Now do sorting if specified.
 $orderby = ' ORDER BY percentage ASC';
 if (!empty($sort)) {
 $direction = ' DESC';
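Review bot: The new whitelist check in both hunks (absentee.php and coursesummary.php) calls `in_array($sort, $allowedsort)` without the strict flag, so the membership test is a loose `==` comparison rather than an exact string match against the column names; `if (!in_array($sort, $allowedsort, true)) {` pins it. Rejecting any `$sort` that is not a known sortable column before it is concatenated into the ORDER BY is the right shape of fix, and with strict comparison it stops depending on how `$sort` was typed where it is read, which is outside the hunk. The five added lines are repeated verbatim in both files, so a small shared helper that takes the table and the requested sort and returns the validated name or `''` would keep the two copies from drifting. The comment could also say what the allow-list is built from, e.g. `// Allowed sort keys are the table's registered columns minus those flagged nosort.`, since `$table->columns` and `$table->column_nosort` are read directly here.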