Context Navigation

← Previous Changeset
Next Changeset →

Changeset 3356898

Timestamp:

09/05/2025 08:53:25 PM (7 months ago)

Author:

peachpay

Message:

1.117.6

Location:

peachpay-for-woocommerce

Files:

: 868 added
: 3 edited

Legend:

: Unmodified
: Added
: Removed

peachpay-for-woocommerce/trunk/core/modules/analytics/class-peachpay-analytics-database.php

-                      r3101897
+                      r3356898
+        }
+        $order_by_param  = array_key_exists( 'order_by', (array) $query ) && $query['order_by'] ? 'ORDER BY ' . $query['order_by'] : '';
+        $group_by_param  = array_key_exists( 'group_by', (array) $query ) && $query['group_by'] ? 'GROUP BY ' . $query['group_by'] : '';
+        // Sanitize order_by parameter to prevent SQL injection
+        $order_by_param = '';
+        if ( array_key_exists( 'order_by', (array) $query ) && $query['order_by'] ) {
+            $order_by_param = self::sanitize_order_by_clause( $query['order_by'] );
+        }
+        // Sanitize group_by parameter to prevent SQL injection
+        $group_by_param = '';
+        if ( array_key_exists( 'group_by', (array) $query ) && $query['group_by'] ) {
+            $group_by_param = self::sanitize_group_by_clause( $query['group_by'] );
+        }
         $sum_results     = array_key_exists( 'sum', (array) $query ) ? $query['sum'] : 0;
         $count_results   = array_key_exists( 'count', (array) $query ) && ! $currency_convert && $query['count'];
 …
             'datasets' => $analytics_interval,
         );
+    }
+    /**
+     * Sanitizes the ORDER BY clause to prevent SQL injection.
+     *
+     * This function validates and sanitizes the order_by parameter by only allowing
+     * whitelisted column names and sorting directions.
+     *
+     * @param string $order_by The order by clause to sanitize.
+     * @return string Sanitized ORDER BY clause or empty string if invalid.
+     */
+    private static function sanitize_order_by_clause( $order_by ) {
+        // Remove any extra whitespace
+        $order_by = trim( $order_by );
+        if ( empty( $order_by ) ) {
+            return '';
+        }
+        // Define allowed columns for ORDER BY
+        $allowed_columns = array( 'id', 'title', 'currency', 'value', 'tab', 'section' );
+        // Define allowed sort directions
+        $allowed_directions = array( 'ASC', 'DESC' );
+        // Parse the order by clause
+        $parts = preg_split( '/\s+/', $order_by, 2 );
+        $column = trim( $parts[0] );
+        $direction = isset( $parts[1] ) ? strtoupper( trim( $parts[1] ) ) : 'ASC';
+        // Validate column name
+        if ( ! in_array( $column, $allowed_columns, true ) ) {
+            // Log security incident
+            peachpay_notify_error( new Exception( "Blocked SQL injection attempt in order_by parameter: {$order_by}" ) );
+            return '';
+        }
+        // Validate sort direction
+        if ( ! in_array( $direction, $allowed_directions, true ) ) {
+            // Default to ASC if invalid direction
+            $direction = 'ASC';
+        }
+        return "ORDER BY {$column} {$direction}";
+    }
+    /**
+     * Sanitizes the GROUP BY clause to prevent SQL injection.
+     *
+     * This function validates and sanitizes the group_by parameter by only allowing
+     * whitelisted column names.
+     *
+     * @param string $group_by The group by clause to sanitize.
+     * @return string Sanitized GROUP BY clause or empty string if invalid.
+     */
+    private static function sanitize_group_by_clause( $group_by ) {
+        // Remove any extra whitespace
+        $group_by = trim( $group_by );
+        if ( empty( $group_by ) ) {
+            return '';
+        }
+        // Define allowed columns for GROUP BY
+        $allowed_columns = array( 'id', 'title', 'currency', 'value', 'tab', 'section' );
+        // Parse multiple columns (comma-separated)
+        $columns = array_map( 'trim', explode( ',', $group_by ) );
+        $sanitized_columns = array();
+        foreach ( $columns as $column ) {
+            // Validate each column name
+            if ( in_array( $column, $allowed_columns, true ) ) {
+                $sanitized_columns[] = $column;
+            } else {
+                // Log security incident for invalid column
+                peachpay_notify_error( new Exception( "Blocked SQL injection attempt in group_by parameter: {$column}" ) );
+            }
+        }
+        // Return empty string if no valid columns found
+        if ( empty( $sanitized_columns ) ) {
+            return '';
+        }
+        return 'GROUP BY ' . implode( ', ', $sanitized_columns );
+    }

peachpay-for-woocommerce/trunk/peachpay.php

r3351480	r3356898
4	4	* Plugin URI: https://woocommerce.com/products/peachpay
5	5	* Description: Connect and manage all your payment methods, offer shoppers a beautiful Express Checkout, and reduce cart abandonment.
6		* Version: 1.117.5
	6	* Version: 1.117.6
7	7	* Text Domain: peachpay-for-woocommerce
8	8	* Domain Path: /languages

peachpay-for-woocommerce/trunk/readme.txt

-                      r3351480
+                      r3356898
 Requires at least: 5.8
 Tested up to: 6.8.1
 Stable tag: 1.117.5
+Stable tag: 1.117.6
 Requires PHP: 7.0
 License: GPLv2 or later
 …
 == Changelog ==
+### 1.117.6 (2025-09-05)
+#### Bug Fixes
+- Bug Fixes
 ### 1.117.5 (2025-08-20)

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Plugin Directory

Context Navigation

Changeset 3356898

Legend:

peachpay-for-woocommerce/trunk/core/modules/analytics/class-peachpay-analytics-database.php

peachpay-for-woocommerce/trunk/peachpay.php

peachpay-for-woocommerce/trunk/readme.txt

Download in other formats: