nextcloud/apps/dav/lib
Lukas Reschke 3d2600b039
Add Phan plugin to check for SQL injections
This adds a phan plugin which checks for SQL injections on code using our QueryBuilder, while it isn't perfect it should already catch most potential issues.

As always, static analysis will sometimes have false positives and this is also here the case. So in some cases the analyzer just doesn't know if something is potential user input or not, thus I had to add some `@suppress SqlInjectionChecker` in front of those potential injections.

The Phan plugin hasn't the most awesome code but it works and I also added a file with test cases.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-20 22:48:13 +02:00
..
AppInfo Clear cache on vcard change/delete 2017-05-08 11:20:49 +02:00
Avatars Don't output jpeg if we request png 2017-03-29 00:05:04 +02:00
CalDAV Add Phan plugin to check for SQL injections 2017-07-20 22:48:13 +02:00
CardDAV Add Phan plugin to check for SQL injections 2017-07-20 22:48:13 +02:00
Command Remove unused use statements 2017-04-22 19:23:31 -05:00
Comments resolve displayname via manager and registerable resolvers 2016-10-19 00:34:00 +02:00
Connector Don't log passwords on dav exceptions 2017-06-29 17:20:10 +02:00
DAV Merge pull request #4443 from nextcloud/cleanup-unused-imports 2017-04-24 11:47:37 +02:00
Files Stop if user folder is not available 2017-05-09 11:26:08 -05:00
Migration unit test custom calendar search 2017-04-28 20:21:36 +02:00
SystemTag Restrict proppatch to the proper nodes 2017-04-25 17:25:03 +02:00
Upload Remove unused use statements 2017-04-22 19:23:31 -05:00
Capabilities.php Adding capability about new chunking - refs #25682 (#26368) 2016-10-21 16:33:37 +02:00
HookManager.php Remove unused use statements 2017-04-22 19:23:31 -05:00
RootCollection.php Adding dav resource for avatars 2017-03-29 00:04:29 +02:00
Server.php Use Bearer backend for SabreDAV 2017-05-18 20:49:10 +02:00