Commit Graph

8 Commits

Author SHA1 Message Date
Lukas Reschke 3d2600b039
Add Phan plugin to check for SQL injections
This adds a phan plugin which checks for SQL injections on code using our QueryBuilder, while it isn't perfect it should already catch most potential issues.

As always, static analysis will sometimes have false positives and this is also here the case. So in some cases the analyzer just doesn't know if something is potential user input or not, thus I had to add some `@suppress SqlInjectionChecker` in front of those potential injections.

The Phan plugin hasn't the most awesome code but it works and I also added a file with test cases.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-20 22:48:13 +02:00
Robin Appelman 0baeec170e
use the correct param type when getting external storages for groups
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-05-22 17:39:56 +02:00
Robin Appelman b573c5b8f8
get files_external mounts more efficiently 2016-09-05 14:34:20 +02:00
Joas Schilling b204af2f0f
Fix oracle support of external storage app 2016-08-15 12:03:53 +02:00
Joas Schilling 0215b004da
Update with robin 2016-07-21 18:13:58 +02:00
Joas Schilling 813f0a0f40
Fix apps/ 2016-07-21 18:13:57 +02:00
Robin Appelman bac1a3a623 Add option to `occ files_external:list` to show all configured mounts 2016-06-23 13:12:03 +02:00
Joas Schilling 328b3c47d7
Move stuff from outside lib/ to PSR-4 2016-05-24 08:41:20 +02:00