N°4499 Security hardening

Stephen Abello
2021-12-02 10:32:29 +01:00
parent dfd1d5fe35
commit dab0e372d0


@@ -506,17 +506,17 @@ function CheckParameters($sExpression, $sQueryId, $sFormat)
catch(MissingQueryArgument $e)
{
$oSearch = null;
ReportErrorAndUsage("Invalid OQL query: '$sExpression'.\n".$e->getMessage());
ReportErrorAndUsage("Invalid OQL query: '".utils::HtmlEntities($sExpression)."'.\n".utils::HtmlEntities($e->getMessage()));
}
catch(OQLException $e)
{
$oSearch = null;
ReportErrorAndExit("Invalid OQL query: '$sExpression'.\n".$e->getMessage());
ReportErrorAndExit("Invalid OQL query: '".utils::HtmlEntities($sExpression)."'.\n".utils::HtmlEntities($e->getMessage()));
}
catch(Exception $e)
{
$oSearch = null;
ReportErrorAndExit($e->getMessage());
ReportErrorAndExit(utils::HtmlEntities($e->getMessage()));
}
$oExporter->SetFormat($sFormat);
@@ -573,7 +573,7 @@ if (utils::IsModeCLI())
}
catch(Exception $e)
{
echo "Error: ".$e->GetMessage()."<br/>\n";
echo "Error: ".utils::HtmlEntities($e->getMessage())."<br/>\n";
exit(-2);
}
@@ -680,15 +680,15 @@ if (utils::IsModeCLI())
}
catch(MissingQueryArgument $e)
{
ReportErrorAndUsage("Invalid OQL query: '$sExpression'.\n".$e->getMessage());
ReportErrorAndUsage("Invalid OQL query: '$sExpression'.\n".utils::HtmlEntities($e->getMessage()));
}
catch(OQLException $e)
{
ReportErrorAndExit("Invalid OQL query: '$sExpression'.\n".$e->getMessage());
ReportErrorAndExit("Invalid OQL query: '$sExpression'.\n".utils::HtmlEntities($e->getMessage()));
}
catch(Exception $e)
{
ReportErrorAndExit($e->getMessage());
ReportErrorAndExit(utils::HtmlEntities($e->getMessage()));
}
exit;
@@ -753,14 +753,14 @@ try
catch (BulkExportMissingParameterException $e)
{
$oP = new ajax_page('iTop Export');
$oP->add($e->getMessage());
$oP->add(utils::HtmlEntities($e->getMessage()));
Usage($oP);
$oP->output();
}
catch (Exception $e) {
$oP = new WebPage('iTop Export');
$oP->add_xframe_options();
$oP->add('Error: '.$e->getMessage());
IssueLog::Error($e->getMessage()."\n".$e->getTraceAsString());
$oP->add('Error: '.utils::HtmlEntities($e->getMessage()));
IssueLog::Error(utils::HtmlEntities($e->getMessage())."\n".$e->getTraceAsString());
$oP->output();
}
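Review bot: In the `@@ -680,15 +680,15 @@` hunk the new `MissingQueryArgument` and `OQLException` handlers still interpolate `$sExpression` unescaped, while the matching handlers in the first hunk (inside `CheckParameters`) now wrap it in `utils::HtmlEntities()`. The bodies of `ReportErrorAndUsage` and `ReportErrorAndExit` are not visible here, but if they write into an HTML page outside CLI mode, the query text is still reflected unencoded after this commit. Bring both calls in line with the first hunk, e.g. `ReportErrorAndUsage("Invalid OQL query: '".utils::HtmlEntities($sExpression)."'.\n".utils::HtmlEntities($e->getMessage()));`, and likewise for `ReportErrorAndExit`. The enclosing `try` starts outside the hunk, so the origin of `$sExpression` on this path should be confirmed against the full file.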