Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
Koha/t
History
Joonas Kylmälä b2b5570f08 Bug 27715: Use $dbh->quote_identifier to quote untrusted input 
The sanitization using regex and \w class of characters might be
enough but given the vast number of unicode characters in \w and
possibility of in the future the database engines interpreting some of
those characters with special meaning it is better to wrap the column
identifier to quotes using $dbh->quote_identifier so it is only
interpreted as identifier and nothing else.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-02-24 00:12:59 +01:00
..
Acquisition Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
Biblio Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
Budgets Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
Circulation Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
db_dependent Bug 27715: Use $dbh->quote_identifier to quote untrusted input 2021-02-24 00:12:59 +01:00
edi_testfiles
etc Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
External
Koha Bug 23763: (QA follow-up) Add +x to Search.t file permissions 2021-02-08 17:09:32 +01:00
lib Bug 27336: Fix xt/find-missing-filters.t 2021-01-11 10:27:37 +01:00
Members Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
Number Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
Search Bug 12430: Add unit tests for C4::Search::buildQuery 2020-12-04 15:32:11 +01:00
Serials Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
SIP
Test Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
00-checkdatabase-version.t Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
00-deprecated.t
00-load.t Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
00-merge-conflict-markers.t Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
00-testcritic.t Bug 21395: Make perlcritic happy 2020-06-29 12:37:02 +02:00
00-valid-xml.t Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
Auth.t Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
Auth_with_shibboleth.t Bug 25898: Prohibit indirect object notation 2020-10-15 12:56:30 +02:00
AuthoritiesMarc_MARC21.t
AuthoritiesMarc_UNIMARC.t
Barcodes_annual.t
Barcodes_EAN13.t
Barcodes_hbyymmincr.t
Barcodes_incremental.t
Biblio.t Bug 11299: (QA follow-up) Fix tests, spaces, and CSS update 2021-01-14 14:03:49 +01:00
Biblio2.t Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
Boolean.t
Budgets.t
Calendar.t Bug 25802: Change addDate to addDuration 2021-01-22 14:59:27 +01:00
Charset.t
Circulation_barcodedecode.t Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
ClassSortRoutine.t
ClassSortRoutine_Dewey.t
ClassSortRoutine_Generic.t
ClassSortRoutine_LCC.t
ClassSource.t
Context.t Bug 27673: Fix t/Context.t 2021-02-17 09:21:14 +01:00
Contract.t
Creators.t
DateUtils.t Bug 25898: Prohibit indirect object notation 2020-10-15 12:56:30 +02:00
Debug.t
dummy.t Bug 21395: Make perlcritic happy 2020-06-29 12:37:02 +02:00
Edifact.t Bug 18267: (QA follow-up) fix typo: overriden => overridden 2020-11-24 09:52:36 +01:00
EdiInvoice.t Bug 18267: Refactored Edifact Price Calculations 2020-11-16 13:46:48 +01:00
Ediorder.t Bug 23926: Limit GIR segment to 5 pieces of info 2020-03-10 15:18:22 +00:00
Ediordrsp.t
EdiTransport.t Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
Form_MessagingPreferences.t
HtmlTags.t
ImportBatch.t Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
Installer_PerlModules.t Bug 27673: Replace YAML with YAML::XS 2021-02-16 14:54:50 +01:00
Installer_pm.t Bug 19735: Move Perl deps definitions into a cpanfile 2020-02-12 16:33:02 +00:00
ItemCirculationAlertPreference.t
Koha.t
Koha_MetadataRecord.t Bug 25898: Prohibit indirect object notation 2020-10-15 12:56:30 +02:00
Koha_SearchEngine_Elasticsearch_Browse.t Bug 24545: Fix newly added files 2020-02-24 13:31:27 +00:00
Koha_Template_Plugin_Cache.t Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
Koha_Template_Plugin_HtmlId.t Bug 27336: Sanitize correctly HTML id 2021-01-11 10:27:37 +01:00
Koha_Template_Plugin_Koha.t Bug 25898: Prohibit indirect object notation 2020-10-15 12:56:30 +02:00
Koha_Util_FrameworkPlugin.t
Koha_Util_MARC.t
Labels.t Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
Labels_split_ccn.t
Labels_split_ddcn.t
Labels_split_lccn.t
Labels_split_Regex.t
Languages.t Bug 27491: Fix t/Languages.t 2021-01-25 10:52:02 +01:00
Letters.t
Logger.t Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
Makefile.t Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
Matcher.t
Members_Messaging.t
OpenLibrarySearch.t Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
Output.t Bug 24369: Add CORS support to output_with_http_headers() 2020-03-05 12:59:44 +00:00
Output_JSONStream.t Bug 25898: Prohibit indirect object notation 2020-10-15 12:56:30 +02:00
Patron.t
Patroncards.t
Patroncards_Batch.t
Patroncards_Lib.t
Patroncards_Patroncard.t
Patroncards_Profile.t
Patroncards_Template.t
Prices.t Bug 27485: Rename system preference gist to TaxRates 2021-01-22 14:09:46 +01:00
RecordProcessor.t Bug 25008: Tests for ->options 2020-04-14 08:31:22 +01:00
Ris.t
Scheduler.t Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
Scrubber.t
Search.t
Search_PazPar2.t
SimpleMARC.t Bug 26781: Check for subfield defined rather than truth 2020-10-26 00:14:41 +01:00
SMS.t
SocialData.t Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
Stats.t
SuggestionEngine.t Bug 21395: Make perlcritic happy 2020-06-29 12:37:02 +02:00
SuggestionEngine_AuthorityFile.t Bug 25898: Prohibit indirect object notation 2020-10-15 12:56:30 +02:00
template_filters.t Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
timezones.t Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
TmplToken.t
Token.t Bug 26384: Fix executable flags 2020-09-11 09:56:56 +02:00
XSLT.t