Commit Graph

7 Commits

Author SHA1 Message Date
Lukas Reschke 3d2600b039
Add Phan plugin to check for SQL injections
This adds a phan plugin which checks for SQL injections on code using our QueryBuilder, while it isn't perfect it should already catch most potential issues.

As always, static analysis will sometimes have false positives and this is also here the case. So in some cases the analyzer just doesn't know if something is potential user input or not, thus I had to add some `@suppress SqlInjectionChecker` in front of those potential injections.

The Phan plugin hasn't the most awesome code but it works and I also added a file with test cases.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-20 22:48:13 +02:00
Robin Appelman 6e314ddabe
fix getting sections
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-06-23 12:37:42 +02:00
Arthur Schiwon 28fd18de43
add missing pieces to Settings Manager and fix and extend its unit tests
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 12:37:41 +02:00
Arthur Schiwon 7f48b6f14f
Adopt DB and Manager to personal settings structure
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 12:36:38 +02:00
Arthur Schiwon 045f652ef2
completing PersonalInfo
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 12:36:37 +02:00
Robin Appelman 4c6ffeda3e
phpdoc
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-01-02 15:36:54 +01:00
Robin Appelman c4358ff9fd
split db logic from settings manager
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-12-28 18:59:24 +01:00