Changeset 3141483

Timestamp:

08/26/2024 08:13:45 AM (18 months ago)

Author:

coderevolution

Message:

fixed SQL injection issues

Location:

wp-pocket-urls

Files:

• tags/1.0.3/classes/class-wp-pocketurl-clicks.php (modified) (6 diffs)
• tags/1.0.3/classes/class-wp-pocketurl-reports.php (modified) (2 diffs)
• tags/1.0.3/classes/class-wp-pocketurl.php (modified) (1 diff)
• trunk/classes/class-wp-pocketurl-clicks.php (modified) (6 diffs)
• trunk/classes/class-wp-pocketurl-reports.php (modified) (2 diffs)
• trunk/classes/class-wp-pocketurl.php (modified) (1 diff)

wp-pocket-urls/tags/1.0.3/classes/class-wp-pocketurl-clicks.php

@@ -183 +183 @@
     public function getClickCountByPostID($ID){
         global $wpdb;
-        $sql = "SELECT count(1) FROM {$wpdb->wp_pocketurl_clicks_table} where link_id=$ID";
+        $sql = $wpdb->prepare(
+            "SELECT count(1) FROM {$wpdb->wp_pocketurl_clicks_table} WHERE link_id = %d",
+            $ID
+        );
         return $wpdb->get_var($sql);
     }
@@ -205 +208 @@
             'fields'        => 'ids', // Only get post IDs
         ));
-        $ids = implode(',',$post_ids);
-        $sql = "SELECT COUNT(1) as total FROM {$wpdb->wp_pocketurl_clicks_table} where link_id IN ($ids)";
-        $sum = $wpdb->get_var($sql);
+        if (!empty($post_ids)) 
+        {
+            $placeholders = array_fill(0, count($post_ids), '%d');
+            $format = implode(',', $placeholders);
+            $query = "SELECT COUNT(1) as total FROM {$wpdb->wp_pocketurl_clicks_table} WHERE link_id IN ($format)";
+            $sql = call_user_func_array(array($wpdb, 'prepare'), array_merge(array($query), $post_ids));
+            $sum = $wpdb->get_var($sql);
+        } 
+        else 
+        {
+            $sum = 0; // No posts, so count is 0
+        }
         return $sum;
     }
@@ -213 +225 @@
     * get clicks details by link ID
     * return array of rows
-    */
-    public function getClicksDetailsByID($ID,$start,$end){
-        global $wpdb;
-        $sql = "SELECT * FROM {$wpdb->wp_pocketurl_clicks_table} where link_id=$ID ORDER BY click_date DESC LIMIT $start, 10";
+    */public function getClicksDetailsByID($ID, $start, $end){
+        global $wpdb;
+        $sql = $wpdb->prepare(
+            "SELECT * FROM {$wpdb->wp_pocketurl_clicks_table} WHERE link_id = %d ORDER BY click_date DESC LIMIT %d, %d",
+            $ID, $start, 10
+        );
         $result = $wpdb->get_results($sql);
-        return $result; 
+        return $result;    
     }
     /*
@@ -226 +240 @@
     public function getClicksDetailsTotalBYID($ID){
         global $wpdb;
-        $sql = "SELECT count(1) FROM {$wpdb->wp_pocketurl_clicks_table} where link_id=$ID";
+        $sql = $wpdb->prepare(
+            "SELECT count(1) FROM {$wpdb->wp_pocketurl_clicks_table} WHERE link_id = %d",
+            $ID
+        );
         $result = $wpdb->get_var($sql);
-        return $result; 
+        return $result;    
     }
     /*
@@ -236 +253 @@
     public function getClicksCountBYID($ID){
         global $wpdb;
-        $sql = "SELECT count(1) FROM {$wpdb->wp_pocketurl_clicks_table} where link_id=$ID";
+        $sql = $wpdb->prepare(
+            "SELECT count(1) FROM {$wpdb->wp_pocketurl_clicks_table} WHERE link_id = %d",
+            $ID
+        );
         $result = $wpdb->get_var($sql);
-        return $result; 
+        return $result;    
     }
 
@@ -246 +266 @@
     public function delete_clicks_count($id){
         global $wpdb;
-        $wpdb->query("DELETE FROM {$wpdb->wp_pocketurl_clicks_table} where link_id=$id");
-    }
-    
+        $sql = $wpdb->prepare(
+            "DELETE FROM {$wpdb->wp_pocketurl_clicks_table} WHERE link_id = %d",
+            $id
+        );
+        $wpdb->query($sql);
+    }
 }

wp-pocket-urls/tags/1.0.3/classes/class-wp-pocketurl-reports.php

@@ -139 +139 @@
   public function wp_pocketurl_links_by_country($code){
     global $wpdb;
-    $sql = "SELECT DISTINCT(link_id) as ID from {$wpdb->wp_pocketurl_clicks_table} WHERE click_country_code = {$code}";
+    $sql = $wpdb->prepare(
+        "SELECT DISTINCT(link_id) as ID FROM {$wpdb->wp_pocketurl_clicks_table} WHERE click_country_code = %s",
+        $code
+    );
     return (array) $wpdb->get_col($sql);
   }
@@ -162 +165 @@
   * get clicks count grouped by date
   */
-  public function wp_pocketurl_get_clicks_report($cmonth=null, $cat=null, $country=null,$link=null ){
-    global $wpdb;$and=0;
-    $sql = "SELECT count(1) as clicks, DATE(click_date) as date  FROM {$wpdb->wp_pocketurl_clicks_table}";
-    if($country || $cmonth || $cat || $link){
-      $sql .=" WHERE";
-    }
-
-    if($country){
-      $sql .=" click_country_code ='$country'";
-      $and=1;
-    }
-
-    if($cmonth){
-      if($and){
-        $sql.=" AND";
-      }
-      $year = date('Y',strtotime($cmonth));
-      $month = date('m',strtotime($cmonth));
-      $sql .=" YEAR(click_date)='$year' AND MONTH(click_date)='$month'";
-      $and=1;
-    }
-
-    if($cat){
-      if($and){
-        $sql.=" AND";
-      }
-      $IDs = implode(',', $this->wp_pocketurl_get_links_ids_by_cat_id($cat) );
-      $sql.=" link_id IN ({$IDs})";
-      $and=1;
-    }
-    if($link){
-      if($and){
-        $sql.=" AND";
-      }
-      $sql.=" link_id = {$link}";
-      $and=1;
-    }
-    $sql .=" GROUP BY DATE(click_date) ORDER BY click_date ASC";
+  public function wp_pocketurl_get_clicks_report($cmonth = null, $cat = null, $country = null, $link = null){
+    global $wpdb;
+    $sql = "SELECT count(1) as clicks, DATE(click_date) as date FROM {$wpdb->wp_pocketurl_clicks_table}";
+
+    $where_clauses = [];
+
+    if ($country) {
+        $where_clauses[] = $wpdb->prepare("click_country_code = %s", $country);
+    }
+
+    if ($cmonth) {
+        $year = date('Y', strtotime($cmonth));
+        $month = date('m', strtotime($cmonth));
+        $where_clauses[] = $wpdb->prepare("YEAR(click_date) = %d AND MONTH(click_date) = %d", $year, $month);
+    }
+
+    if ($cat) {
+        $IDs = implode(',', array_map('absint', $this->wp_pocketurl_get_links_ids_by_cat_id($cat)));
+        if (!empty($IDs)) {
+            $where_clauses[] = "link_id IN ({$IDs})";
+        }
+    }
+
+    if ($link) {
+        $where_clauses[] = $wpdb->prepare("link_id = %d", $link);
+    }
+
+    if (!empty($where_clauses)) {
+        $sql .= " WHERE " . implode(' AND ', $where_clauses);
+    }
+
+    $sql .= " GROUP BY DATE(click_date) ORDER BY click_date ASC";
+
     $result = $wpdb->get_results($sql);
     return $result; 
-  }
+}
   
   /*

wp-pocket-urls/tags/1.0.3/classes/class-wp-pocketurl.php

@@ -265 +265 @@
         global $wpdb;
         global $post_type;   
-    if ( $post_type != 'wp_pocketurl_link' ) return;
-        $sql = "DELETE FROM {$wpdb->wp_pocketurl_clicks_table}  WHERE link_id={$postID}";   
+        if ($post_type != 'wp_pocketurl_link') return;
+        $sql = $wpdb->prepare(
+            "DELETE FROM {$wpdb->wp_pocketurl_clicks_table} WHERE link_id = %d",
+            $postID
+        );
         $rows = $wpdb->query($sql);
     }

wp-pocket-urls/trunk/classes/class-wp-pocketurl-clicks.php

@@ -183 +183 @@
     public function getClickCountByPostID($ID){
         global $wpdb;
-        $sql = "SELECT count(1) FROM {$wpdb->wp_pocketurl_clicks_table} where link_id=$ID";
+        $sql = $wpdb->prepare(
+            "SELECT count(1) FROM {$wpdb->wp_pocketurl_clicks_table} WHERE link_id = %d",
+            $ID
+        );
         return $wpdb->get_var($sql);
     }
@@ -205 +208 @@
             'fields'        => 'ids', // Only get post IDs
         ));
-        $ids = implode(',',$post_ids);
-        $sql = "SELECT COUNT(1) as total FROM {$wpdb->wp_pocketurl_clicks_table} where link_id IN ($ids)";
-        $sum = $wpdb->get_var($sql);
+        if (!empty($post_ids)) 
+        {
+            $placeholders = array_fill(0, count($post_ids), '%d');
+            $format = implode(',', $placeholders);
+            $query = "SELECT COUNT(1) as total FROM {$wpdb->wp_pocketurl_clicks_table} WHERE link_id IN ($format)";
+            $sql = call_user_func_array(array($wpdb, 'prepare'), array_merge(array($query), $post_ids));
+            $sum = $wpdb->get_var($sql);
+        } 
+        else 
+        {
+            $sum = 0; // No posts, so count is 0
+        }
         return $sum;
     }
@@ -213 +225 @@
     * get clicks details by link ID
     * return array of rows
-    */
-    public function getClicksDetailsByID($ID,$start,$end){
-        global $wpdb;
-        $sql = "SELECT * FROM {$wpdb->wp_pocketurl_clicks_table} where link_id=$ID ORDER BY click_date DESC LIMIT $start, 10";
+    */public function getClicksDetailsByID($ID, $start, $end){
+        global $wpdb;
+        $sql = $wpdb->prepare(
+            "SELECT * FROM {$wpdb->wp_pocketurl_clicks_table} WHERE link_id = %d ORDER BY click_date DESC LIMIT %d, %d",
+            $ID, $start, 10
+        );
         $result = $wpdb->get_results($sql);
-        return $result; 
+        return $result;    
     }
     /*
@@ -226 +240 @@
     public function getClicksDetailsTotalBYID($ID){
         global $wpdb;
-        $sql = "SELECT count(1) FROM {$wpdb->wp_pocketurl_clicks_table} where link_id=$ID";
+        $sql = $wpdb->prepare(
+            "SELECT count(1) FROM {$wpdb->wp_pocketurl_clicks_table} WHERE link_id = %d",
+            $ID
+        );
         $result = $wpdb->get_var($sql);
-        return $result; 
+        return $result;    
     }
     /*
@@ -236 +253 @@
     public function getClicksCountBYID($ID){
         global $wpdb;
-        $sql = "SELECT count(1) FROM {$wpdb->wp_pocketurl_clicks_table} where link_id=$ID";
+        $sql = $wpdb->prepare(
+            "SELECT count(1) FROM {$wpdb->wp_pocketurl_clicks_table} WHERE link_id = %d",
+            $ID
+        );
         $result = $wpdb->get_var($sql);
-        return $result; 
+        return $result;    
     }
 
@@ -246 +266 @@
     public function delete_clicks_count($id){
         global $wpdb;
-        $wpdb->query("DELETE FROM {$wpdb->wp_pocketurl_clicks_table} where link_id=$id");
-    }
-    
+        $sql = $wpdb->prepare(
+            "DELETE FROM {$wpdb->wp_pocketurl_clicks_table} WHERE link_id = %d",
+            $id
+        );
+        $wpdb->query($sql);
+    }
 }

wp-pocket-urls/trunk/classes/class-wp-pocketurl-reports.php

@@ -139 +139 @@
   public function wp_pocketurl_links_by_country($code){
     global $wpdb;
-    $sql = "SELECT DISTINCT(link_id) as ID from {$wpdb->wp_pocketurl_clicks_table} WHERE click_country_code = {$code}";
+    $sql = $wpdb->prepare(
+        "SELECT DISTINCT(link_id) as ID FROM {$wpdb->wp_pocketurl_clicks_table} WHERE click_country_code = %s",
+        $code
+    );
     return (array) $wpdb->get_col($sql);
   }
@@ -162 +165 @@
   * get clicks count grouped by date
   */
-  public function wp_pocketurl_get_clicks_report($cmonth=null, $cat=null, $country=null,$link=null ){
-    global $wpdb;$and=0;
-    $sql = "SELECT count(1) as clicks, DATE(click_date) as date  FROM {$wpdb->wp_pocketurl_clicks_table}";
-    if($country || $cmonth || $cat || $link){
-      $sql .=" WHERE";
-    }
-
-    if($country){
-      $sql .=" click_country_code ='$country'";
-      $and=1;
-    }
-
-    if($cmonth){
-      if($and){
-        $sql.=" AND";
-      }
-      $year = date('Y',strtotime($cmonth));
-      $month = date('m',strtotime($cmonth));
-      $sql .=" YEAR(click_date)='$year' AND MONTH(click_date)='$month'";
-      $and=1;
-    }
-
-    if($cat){
-      if($and){
-        $sql.=" AND";
-      }
-      $IDs = implode(',', $this->wp_pocketurl_get_links_ids_by_cat_id($cat) );
-      $sql.=" link_id IN ({$IDs})";
-      $and=1;
-    }
-    if($link){
-      if($and){
-        $sql.=" AND";
-      }
-      $sql.=" link_id = {$link}";
-      $and=1;
-    }
-    $sql .=" GROUP BY DATE(click_date) ORDER BY click_date ASC";
+  public function wp_pocketurl_get_clicks_report($cmonth = null, $cat = null, $country = null, $link = null){
+    global $wpdb;
+    $sql = "SELECT count(1) as clicks, DATE(click_date) as date FROM {$wpdb->wp_pocketurl_clicks_table}";
+
+    $where_clauses = [];
+
+    if ($country) {
+        $where_clauses[] = $wpdb->prepare("click_country_code = %s", $country);
+    }
+
+    if ($cmonth) {
+        $year = date('Y', strtotime($cmonth));
+        $month = date('m', strtotime($cmonth));
+        $where_clauses[] = $wpdb->prepare("YEAR(click_date) = %d AND MONTH(click_date) = %d", $year, $month);
+    }
+
+    if ($cat) {
+        $IDs = implode(',', array_map('absint', $this->wp_pocketurl_get_links_ids_by_cat_id($cat)));
+        if (!empty($IDs)) {
+            $where_clauses[] = "link_id IN ({$IDs})";
+        }
+    }
+
+    if ($link) {
+        $where_clauses[] = $wpdb->prepare("link_id = %d", $link);
+    }
+
+    if (!empty($where_clauses)) {
+        $sql .= " WHERE " . implode(' AND ', $where_clauses);
+    }
+
+    $sql .= " GROUP BY DATE(click_date) ORDER BY click_date ASC";
+
     $result = $wpdb->get_results($sql);
     return $result; 
-  }
+}
   
   /*

wp-pocket-urls/trunk/classes/class-wp-pocketurl.php

@@ -265 +265 @@
         global $wpdb;
         global $post_type;   
-    if ( $post_type != 'wp_pocketurl_link' ) return;
-        $sql = "DELETE FROM {$wpdb->wp_pocketurl_clicks_table}  WHERE link_id={$postID}";   
+        if ($post_type != 'wp_pocketurl_link') return;
+        $sql = $wpdb->prepare(
+            "DELETE FROM {$wpdb->wp_pocketurl_clicks_table} WHERE link_id = %d",
+            $postID
+        );
         $rows = $wpdb->query($sql);
     }