Skip to content
This repository has been archived by the owner on Dec 13, 2022. It is now read-only.

fix(secu): remove vulnerable unused topcounter file #8007

Merged
merged 1 commit into from
Oct 23, 2019
Merged

fix(secu): remove vulnerable unused topcounter file #8007

merged 1 commit into from
Oct 23, 2019

Conversation

sc979
Copy link
Member

@sc979 sc979 commented Oct 18, 2019
edited
Loading

Pull Request Template

Description

remove vulnerable unused file, since the new topCounter, by deleting it

Fixes # (none)

Type of change

  • Patch fixing an issue (non-breaking change)
  • New functionality (non-breaking change)
  • Breaking change (patch or feature) that might cause side effects breaking part of the Software
  • Updating documentation (missing information, typo...)

Target serie

  • 2.8.x
  • 18.10.x
  • 19.04.x
  • 19.10.x (master)

How this pull request can be tested ?

please contact me

Checklist

Community contributors & Centreon team

  • I followed the coding style guidelines provided by Centreon
  • I have commented my code, especially new classes, functions or any legacy code modified. (docblock)
  • I have commented my code, especially hard-to-understand areas of the PR.
  • I have made corresponding changes to the documentation.
  • I have rebased my development branch on the base branch (master, maintenance).

Centreon team only

  • I have made sure that the unit tests related to the story are successful.
  • I have made sure that unit tests cover 80% of the code written for the story.
  • I have made sure that acceptance tests related to the story are successful (local and CI)

@sc979 sc979 self-assigned this Oct 18, 2019
sc979 added a commit that referenced this pull request Oct 22, 2019
@sc979
fix(secu): remove unused topCounter files and folders (#8007)
530cae4
@sc979 sc979 force-pushed the MON-4320-remove-unused-topcounter-file branch from bbc00aa to 98258a8 Compare October 23, 2019 12:23
@sc979 sc979 changed the base branch from 18.10.x to MON-4187-fix-18.10-sql-injections-in-monitoring-pages October 23, 2019 12:23
@sc979 sc979 merged commit d34992b into MON-4187-fix-18.10-sql-injections-in-monitoring-pages Oct 23, 2019
@sc979 sc979 deleted the MON-4320-remove-unused-topcounter-file branch October 23, 2019 12:24
loiclau pushed a commit that referenced this pull request Oct 24, 2019
@sc979 @loiclau
fix(secu): remove unused topCounter files and folders (#8007)
043ebb8
@sc979 sc979 mentioned this pull request Oct 24, 2019
Merged
16 tasks
sc979 added a commit that referenced this pull request Oct 25, 2019
@sc979
fix(secu): remove unused topCounter files and folders (#8007)
7b6edad
sc979 added a commit that referenced this pull request Oct 28, 2019
@sc979
fix(secu): remove unused topCounter files and folders (#8007)
35066eb
sc979 added a commit that referenced this pull request Oct 28, 2019
@sc979
fix(secu): remove unused topCounter files and folders (#8007)
9ceea67
@sc979 sc979 mentioned this pull request Oct 28, 2019
Merged
17 tasks
sc979 added a commit that referenced this pull request Oct 29, 2019
@sc979
fix(secu): remove unused topCounter files and folders (#8007)
e25cbbd
sc979 added a commit that referenced this pull request Oct 29, 2019
@sc979
fix(secu): remove unused topCounter files and folders (#8007)
6c78965
sc979 added a commit that referenced this pull request Oct 30, 2019
@sc979
fix(secu): remove unused topCounter files and folders (#8007)
252851e
sc979 added a commit that referenced this pull request Oct 31, 2019
@sc979
fix(secu): remove unused topCounter files and folders (#8007)
2da3654
sc979 added a commit that referenced this pull request Oct 31, 2019
@sc979
fix(secu): remove unused topCounter files and folders (#8007)
c99ea98
sc979 added a commit that referenced this pull request Nov 4, 2019
@sc979
fix(secu): remove unused topCounter files and folders (#8007)
c8eb3ac
sc979 added a commit that referenced this pull request Nov 5, 2019
@sc979
fix(secu): Avoid SQL injections in multiple monitoring pages - for 2.8 (
6be2527 
#8029)

* style and cleaning

* enh(BE): use constants, style and replace filter parameter

* enh(BE): convert function to static

* fix(BE): fix broken query in serviceXML.php

* fix(BE): restore old topcounter file

* fix(BE): correct severity filter

* fix(secu): remove unused http parameters in hostXML.php file for PHP5 (#8013)

* fix(secu): protect from SQL injections hostXML.php for 2.8 (#8014)

* fix(secu): remove unused topCounter files and folders (#8007)

* fix(secu): remove unused params or sanitize them in service by hostgroup (#8030)

* fix(secu): remove or sanitize http variables

* fix(secu) remove unused params or sanitize them in service by SG pages (#8043)

* fix(secu): remove unused http parameters in serviceGridBySGXML file

* fix(secu): remove unused http parameters in serviceSummaryBySGXML file

* fix(secu): remove unused params or sanitize them in hostgroups page (#8038)

* fix(secu): remove unused http parameters in hostgroups page

* fix(secu): remove unused XML template file (#8051)

* fix(secu): remove unused params or sanitize them in service pages (#8040)

* fix(secu): remove unused http parameters in service summary page

* fix(secu): remove unused http parameters in service grid page

* fix(secu): remove unused http parameters in service list page

* fix(secu): protect from SQL injections serviceGridXML.php for 2.8 (#8056)

* fix(secu): avoid SQL injection in serviceGridXML.php

* fix(secu): remove unused http parameters in serviceXML.php file for 2.8 (#8060)

* fix(secu): remove unused http parameters in serviceXML.php file

* fix(secu): avoid SQL injection in hostgroupXML.php (#8058)

* fix(secu): avoid SQL injection in serviceSummaryXML.php (#8057)

* fix(secu): protect from SQL injections in service by serviceGroups XML files for 2.8 (#8059)

* fix(secu): avoid SQL injection in serviceGridBySGXML.php

* fix(secu): avoid SQL injection in serviceSummaryBySGXML.php
sc979 added a commit that referenced this pull request Nov 6, 2019
@sc979
fix(secu): remove unused topCounter files and folders (#8007)
96d318b
sc979 added a commit that referenced this pull request Nov 8, 2019
@sc979
fix(secu): remove unused topCounter files and folders (#8007)
d5afe3b
sc979 added a commit that referenced this pull request Nov 12, 2019
@sc979
fix(secu): remove unused topCounter files and folders (#8007)
a5a084f
sc979 added a commit that referenced this pull request Nov 12, 2019
@sc979
fix(secu): Avoid SQL injections in multiple monitoring pages - for ma…
9738668 
…ster (#8063)

* fix(secu): remove unused topCounter files and folders (#8007)

* fix(secu): remove unused http parameters in service by servicegroup summary XML (#8064)

* fix(secu): remove or sanitize unused https arguments in service by servicegroup summary

* fix(secu): Avoid SQL injections in service by servicegroup pages (#8065)

* fix(secu): avoid SQL injection in serviceByServicegroupGridXML.php file

* fix(secu): avoid SQL injection in serviceByServicegroupSummaryXML.php file

* fix(secu): remove or sanitize unused https arguments in service by servicegroup GRID (#8066)

* fix(secu): remove unused http parameters in services by hostgroup files (#8074)

* fix(secu): sanitize or remove unused params in serviceSummaryBYHGXML file

* fix(secu): sanitize or remove unused params in serviceGridBYHGXML file

* fix(secu): remove unused http parameters in hostgroup xml.php (#8073)

* fix(secu): remove unused http parameters in hostgroupXML.php file

* fix(secu): remove unused http parameters in services files (#8078)

* fix(secu): sanitize makeXMLForOneHost.php

* fix(secu): sanitize makeXMLForOneService.php

* fix(secu): better hadling session check

* fix(secu): sanitize or remove unused params in serviceXML file

* fix(secu): sanitize serviceGridXML.php

* fix(secu): sanitize serviceSummaryXML.php

* fix(secu): remove unused http parameters in hostXML file (#8079)

* fix(secu): sanitize or remove unused params in hostXML file

* fix(secu): prevent from sql injections in host page (#8087)

* prevent sql injection in hostXML.php

* replace uppercase table alias by lowercase

* delete case duplicating the default case

* replace array() with []

* fix(secu): prevent from sql injections from common xml model (#8083)

* fix(secu): prevent from sql injections in services pages (#8082)

* prevent sql injection in makeXMLForOneHostXML.php

* prevent sql injection in makeXMLForOneServiceXML.php

* prevent sql injection in serviceXML.php

* prevent sql injection in serviceGridXML.php

* prevent sql injection in serviceXML.php

* prevent sql injection in serviceSummaryXML.php

* remove debug and prepare second query

* fix(secu): prevent from sql injections in hostgroupXML file (#8081)

* fix(secu): avoid sql injections in hostgroupXML file

* fix(UI): add the order param to the request

* remove useless declarations

* replace regexp with whitelist

* add missing array declaration

* fix(CI): sonar coding style issue
sc979 added a commit that referenced this pull request Nov 12, 2019
@sc979
fix(secu): Avoid SQL injections in multiple monitoring pages - for ma…
88cc5ef 
…ster (#8063)

* fix(secu): remove unused topCounter files and folders (#8007)

* fix(secu): remove unused http parameters in service by servicegroup summary XML (#8064)

* fix(secu): remove or sanitize unused https arguments in service by servicegroup summary

* fix(secu): Avoid SQL injections in service by servicegroup pages (#8065)

* fix(secu): avoid SQL injection in serviceByServicegroupGridXML.php file

* fix(secu): avoid SQL injection in serviceByServicegroupSummaryXML.php file

* fix(secu): remove or sanitize unused https arguments in service by servicegroup GRID (#8066)

* fix(secu): remove unused http parameters in services by hostgroup files (#8074)

* fix(secu): sanitize or remove unused params in serviceSummaryBYHGXML file

* fix(secu): sanitize or remove unused params in serviceGridBYHGXML file

* fix(secu): remove unused http parameters in hostgroup xml.php (#8073)

* fix(secu): remove unused http parameters in hostgroupXML.php file

* fix(secu): remove unused http parameters in services files (#8078)

* fix(secu): sanitize makeXMLForOneHost.php

* fix(secu): sanitize makeXMLForOneService.php

* fix(secu): better hadling session check

* fix(secu): sanitize or remove unused params in serviceXML file

* fix(secu): sanitize serviceGridXML.php

* fix(secu): sanitize serviceSummaryXML.php

* fix(secu): remove unused http parameters in hostXML file (#8079)

* fix(secu): sanitize or remove unused params in hostXML file

* fix(secu): prevent from sql injections in host page (#8087)

* prevent sql injection in hostXML.php

* replace uppercase table alias by lowercase

* delete case duplicating the default case

* replace array() with []

* fix(secu): prevent from sql injections from common xml model (#8083)

* fix(secu): prevent from sql injections in services pages (#8082)

* prevent sql injection in makeXMLForOneHostXML.php

* prevent sql injection in makeXMLForOneServiceXML.php

* prevent sql injection in serviceXML.php

* prevent sql injection in serviceGridXML.php

* prevent sql injection in serviceXML.php

* prevent sql injection in serviceSummaryXML.php

* remove debug and prepare second query

* fix(secu): prevent from sql injections in hostgroupXML file (#8081)

* fix(secu): avoid sql injections in hostgroupXML file

* fix(UI): add the order param to the request

* remove useless declarations

* replace regexp with whitelist

* add missing array declaration

* fix(CI): sonar coding style issue
sc979 added a commit that referenced this pull request Nov 12, 2019
@sc979
fix(secu): Avoid SQL injections in multiple monitoring pages - for ma…
f738041 
…ster (#8063)

* fix(secu): remove unused topCounter files and folders (#8007)

* fix(secu): remove unused http parameters in service by servicegroup summary XML (#8064)

* fix(secu): remove or sanitize unused https arguments in service by servicegroup summary

* fix(secu): Avoid SQL injections in service by servicegroup pages (#8065)

* fix(secu): avoid SQL injection in serviceByServicegroupGridXML.php file

* fix(secu): avoid SQL injection in serviceByServicegroupSummaryXML.php file

* fix(secu): remove or sanitize unused https arguments in service by servicegroup GRID (#8066)

* fix(secu): remove unused http parameters in services by hostgroup files (#8074)

* fix(secu): sanitize or remove unused params in serviceSummaryBYHGXML file

* fix(secu): sanitize or remove unused params in serviceGridBYHGXML file

* fix(secu): remove unused http parameters in hostgroup xml.php (#8073)

* fix(secu): remove unused http parameters in hostgroupXML.php file

* fix(secu): remove unused http parameters in services files (#8078)

* fix(secu): sanitize makeXMLForOneHost.php

* fix(secu): sanitize makeXMLForOneService.php

* fix(secu): better hadling session check

* fix(secu): sanitize or remove unused params in serviceXML file

* fix(secu): sanitize serviceGridXML.php

* fix(secu): sanitize serviceSummaryXML.php

* fix(secu): remove unused http parameters in hostXML file (#8079)

* fix(secu): sanitize or remove unused params in hostXML file

* fix(secu): prevent from sql injections in host page (#8087)

* prevent sql injection in hostXML.php

* replace uppercase table alias by lowercase

* delete case duplicating the default case

* replace array() with []

* fix(secu): prevent from sql injections from common xml model (#8083)

* fix(secu): prevent from sql injections in services pages (#8082)

* prevent sql injection in makeXMLForOneHostXML.php

* prevent sql injection in makeXMLForOneServiceXML.php

* prevent sql injection in serviceXML.php

* prevent sql injection in serviceGridXML.php

* prevent sql injection in serviceXML.php

* prevent sql injection in serviceSummaryXML.php

* remove debug and prepare second query

* fix(secu): prevent from sql injections in hostgroupXML file (#8081)

* fix(secu): avoid sql injections in hostgroupXML file

* fix(UI): add the order param to the request

* remove useless declarations

* replace regexp with whitelist

* add missing array declaration

* fix(CI): sonar coding style issue
sc979 added a commit that referenced this pull request Nov 12, 2019
@sc979
fix(secu): Avoid SQL injections in multiple monitoring pages - for ma…
dd75b18 
…ster (#8063)

* fix(secu): remove unused topCounter files and folders (#8007)

* fix(secu): remove unused http parameters in service by servicegroup summary XML (#8064)

* fix(secu): remove or sanitize unused https arguments in service by servicegroup summary

* fix(secu): Avoid SQL injections in service by servicegroup pages (#8065)

* fix(secu): avoid SQL injection in serviceByServicegroupGridXML.php file

* fix(secu): avoid SQL injection in serviceByServicegroupSummaryXML.php file

* fix(secu): remove or sanitize unused https arguments in service by servicegroup GRID (#8066)

* fix(secu): remove unused http parameters in services by hostgroup files (#8074)

* fix(secu): sanitize or remove unused params in serviceSummaryBYHGXML file

* fix(secu): sanitize or remove unused params in serviceGridBYHGXML file

* fix(secu): remove unused http parameters in hostgroup xml.php (#8073)

* fix(secu): remove unused http parameters in hostgroupXML.php file

* fix(secu): remove unused http parameters in services files (#8078)

* fix(secu): sanitize makeXMLForOneHost.php

* fix(secu): sanitize makeXMLForOneService.php

* fix(secu): better hadling session check

* fix(secu): sanitize or remove unused params in serviceXML file

* fix(secu): sanitize serviceGridXML.php

* fix(secu): sanitize serviceSummaryXML.php

* fix(secu): remove unused http parameters in hostXML file (#8079)

* fix(secu): sanitize or remove unused params in hostXML file

* fix(secu): prevent from sql injections in host page (#8087)

* prevent sql injection in hostXML.php

* replace uppercase table alias by lowercase

* delete case duplicating the default case

* replace array() with []

* fix(secu): prevent from sql injections from common xml model (#8083)

* fix(secu): prevent from sql injections in services pages (#8082)

* prevent sql injection in makeXMLForOneHostXML.php

* prevent sql injection in makeXMLForOneServiceXML.php

* prevent sql injection in serviceXML.php

* prevent sql injection in serviceGridXML.php

* prevent sql injection in serviceXML.php

* prevent sql injection in serviceSummaryXML.php

* remove debug and prepare second query

* fix(secu): prevent from sql injections in hostgroupXML file (#8081)

* fix(secu): avoid sql injections in hostgroupXML file

* fix(UI): add the order param to the request

* remove useless declarations

* replace regexp with whitelist

* add missing array declaration

* fix(CI): sonar coding style issue
callapa pushed a commit that referenced this pull request Nov 12, 2019
@sc979 @callapa
fix(secu): Avoid SQL injections in multiple monitoring pages - for 2.8 (
78b9d30 
#8029)

* style and cleaning

* enh(BE): use constants, style and replace filter parameter

* enh(BE): convert function to static

* fix(BE): fix broken query in serviceXML.php

* fix(BE): restore old topcounter file

* fix(BE): correct severity filter

* fix(secu): remove unused http parameters in hostXML.php file for PHP5 (#8013)

* fix(secu): protect from SQL injections hostXML.php for 2.8 (#8014)

* fix(secu): remove unused topCounter files and folders (#8007)

* fix(secu): remove unused params or sanitize them in service by hostgroup (#8030)

* fix(secu): remove or sanitize http variables

* fix(secu) remove unused params or sanitize them in service by SG pages (#8043)

* fix(secu): remove unused http parameters in serviceGridBySGXML file

* fix(secu): remove unused http parameters in serviceSummaryBySGXML file

* fix(secu): remove unused params or sanitize them in hostgroups page (#8038)

* fix(secu): remove unused http parameters in hostgroups page

* fix(secu): remove unused XML template file (#8051)

* fix(secu): remove unused params or sanitize them in service pages (#8040)

* fix(secu): remove unused http parameters in service summary page

* fix(secu): remove unused http parameters in service grid page

* fix(secu): remove unused http parameters in service list page

* fix(secu): protect from SQL injections serviceGridXML.php for 2.8 (#8056)

* fix(secu): avoid SQL injection in serviceGridXML.php

* fix(secu): remove unused http parameters in serviceXML.php file for 2.8 (#8060)

* fix(secu): remove unused http parameters in serviceXML.php file

* fix(secu): avoid SQL injection in hostgroupXML.php (#8058)

* fix(secu): avoid SQL injection in serviceSummaryXML.php (#8057)

* fix(secu): protect from SQL injections in service by serviceGroups XML files for 2.8 (#8059)

* fix(secu): avoid SQL injection in serviceGridBySGXML.php

* fix(secu): avoid SQL injection in serviceSummaryBySGXML.php
@markus07 markus07 mentioned this pull request Dec 2, 2019
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@callapa callapa Awaiting requested review from callapa

@loiclau loiclau Awaiting requested review from loiclau

@kduret kduret Awaiting requested review from kduret

@jdelpierre jdelpierre Awaiting requested review from jdelpierre

@victorvassilev victorvassilev Awaiting requested review from victorvassilev

Assignees

@sc979 sc979

Labels
area/security
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@sc979