Open netstat-tupl opened 9 years ago
Here is how an SQL query goes in WHMCS:
```php
// Update tblclients through the WHMCS helper: the values are passed as arrays
// rather than concatenated into the SQL string.
$table  = "tblclients";
$update = array("companyname" => "Test2");
$where  = array("firstname" => "Test", "companyname" => "Test1");
update_query($table, $update, $where);
```
See here : http://docs.whmcs.com/SQL_Helper_Functions
Cheers ;)
I'm not sure what the relevance is of Medoo in your comments but if you want to submit corrections, feel free to do so.
I see SQL injection vulnerabilities in this: https://github.com/choppedcode/sso-whmcs/blob/master/hooks.php . Please check this page to learn how your statements are vulnerable: http://www.w3schools.com/sql/sql_injection.asp
A simple apostrophe in the right place can do a lot to your code. I would suggest you add this to your SQL statements if you don't know how to make them secure: http://medoo.in/
I'm sorry for making this public, but I didn't see any other place where I could contact the author, not even on the WHMCS website.
Also: this is missing a couple of validations almost everywhere. I would highly suggest reviewing this code before going into production. The plugin seems to be only validating whether a value exists. If it exists, then you can inject.
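The two points raised in this thread, an apostrophe breaking out of a string-built WHERE clause and the fix of handing values to the database separately (as the `update_query` array call above does), shown side by side as an added example. This is not code from sso-whmcs or WHMCS: it uses PDO with an in-memory SQLite table standing in for `tblclients`, with constructed sample rows, so it runs without a WHMCS install. The function names `vulnerableUpdate`, `safeUpdate` and `companies` are hypothetical.

```php
<?php
// Added example, not sso-whmcs or WHMCS code. An in-memory SQLite table
// (constructed data) stands in for tblclients so this runs stand-alone.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE tblclients (id INTEGER PRIMARY KEY, firstname TEXT, companyname TEXT)");
$pdo->exec("INSERT INTO tblclients (firstname, companyname) VALUES ('Test', 'Test1'), ('Alice', 'Acme')");

// Vulnerable pattern (hypothetical name): the only "validation" is that a value
// exists; it is then concatenated straight into the SQL string.
function vulnerableUpdate(PDO $pdo, string $firstname, string $newCompany): int
{
    if ($firstname === '') {
        return 0; // checks presence only, not content
    }
    $sql = "UPDATE tblclients SET companyname = '$newCompany' WHERE firstname = '$firstname'";
    return $pdo->exec($sql); // number of rows changed
}

// Hardened pattern (hypothetical name): placeholders, values sent separately.
// This is the same idea as passing $update/$where arrays to update_query
// instead of building the statement by hand.
function safeUpdate(PDO $pdo, string $firstname, string $newCompany): int
{
    $stmt = $pdo->prepare("UPDATE tblclients SET companyname = :company WHERE firstname = :first");
    $stmt->execute([':company' => $newCompany, ':first' => $firstname]);
    return $stmt->rowCount();
}

// Helper (hypothetical name): current firstname => companyname mapping.
function companies(PDO $pdo): array
{
    return $pdo->query("SELECT firstname, companyname FROM tblclients ORDER BY id")
               ->fetchAll(PDO::FETCH_KEY_PAIR);
}

// An apostrophe in the right place: the quoted firstname is closed early and
// the rest of the input becomes part of the WHERE clause, so it matches every row.
$payload = "x' OR '1'='1";

$changed = vulnerableUpdate($pdo, $payload, 'Pwned');
echo "vulnerable: {$changed} row(s) changed -> " . json_encode(companies($pdo)) . "\n";

// The same payload through the prepared statement is compared literally as a
// firstname and matches nothing.
$changed = safeUpdate($pdo, $payload, 'Test2');
echo "safe: {$changed} row(s) changed -> " . json_encode(companies($pdo)) . "\n";
```

Run it with `php example.php` (requires the `pdo_sqlite` extension). The first call rewrites the company name of every client because the injected `OR '1'='1'` is evaluated as SQL; the second leaves the table untouched because the driver never lets the input change the statement's structure. The check in `vulnerableUpdate` is deliberately the "does a value exist" test the thread describes, to show that presence checks alone do nothing against this.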