Closed aftechro closed 8 months ago
Test these changes at: https://patch15863.pr-review.itflow.org
(automatic message)
to solve the sonar code analysis, config.php file needs to be changed to format:
$dbConfig = array( 'host' => 'your_db_host', 'username' => 'your_db_username', 'password' => 'your_db_password', 'database' => 'your_database_name', );
then settings_update.php change code parts:
// Database connection $mysqli = mysqli_connect($dbConfig['host'], $dbConfig['username'], $dbConfig['password'], $dbConfig['database']) or die('Database Connection Failed'); $conn = new mysqli($dbConfig['host'], $dbConfig['username'], $dbConfig['password'], $dbConfig['database']);
and then $command = "mysqldump --complete-insert --skip-comments --host={$dbConfig['host']} --user={$dbConfig['username']} --password={$dbConfig['password']} {$dbConfig['database']} > $escapedBackupPath";
@wrongecho but i suppose that will change entire itflow system, and everywhere mysqli_connect and conn is needed, needs to be updated. i suppose would be much secured, but lot of files to update with propose secure measurement
Failed conditions
E Security Rating on New Code (required ≥ A)
See analysis details on SonarCloud
Catch issues before they fail your Quality Gate with our IDE extension SonarLint
Create and restore backups. Upload sql file and restore it from the backup list. TODO: More tests and more security to it. Allow plugin to admins only.