From f71f1a82ba1c236aa9e9641a38b9f3e4451ef2cd Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Sat, 17 Nov 2012 20:54:08 +0000
Subject: [PATCH] Properly quote MySQL query

Thanks Johan Smith

Change-Id: I53b8f2c9d7612f6c15da1900abbd219d80dc1f1d
---
 modules/registrars/cozaepp/cozaeppsync.php | 23 ++++++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)

diff --git a/modules/registrars/cozaepp/cozaeppsync.php b/modules/registrars/cozaepp/cozaeppsync.php
index 142839b..e379174 100644
--- a/modules/registrars/cozaepp/cozaeppsync.php
+++ b/modules/registrars/cozaepp/cozaeppsync.php
@@ -110,19 +110,34 @@ foreach($domains as $domain) {
 
 
 	# This is the template we going to use below for our updates
-	$querytemplate = "UPDATE tbldomains SET status = %s, registrationdate = %s, expirydate = %s, nextduedate = %s WHERE domain = %s";
+	$querytemplate = "UPDATE tbldomains SET status = '%s', registrationdate = '%s', expirydate = '%s', nextduedate = '%s' WHERE domain = '%s'";
 
 	# Check status and update
 	if ($statusres == "ok") {
-		mysql_query(sprintf($querytemplate,"Active",$createdate,$nextduedate,$nextduedate,$domain));
+		mysql_query(sprintf($querytemplate,"Active",
+				mysql_real_escape_string($createdate),
+				mysql_real_escape_string($nextduedate),
+				mysql_real_escape_string($nextduedate),
+				mysql_real_escape_string($domain)
+		));
 		echo "Updated $domain expiry to $nextduedate\n";
 
 	} elseif ($statusres == "serverHold") {
-		mysql_query(sprintf($querytemplate,"Pending",$createdate,$nextduedate,$nextduedate,$domain));
+		mysql_query(sprintf($querytemplate,"Pending",
+				mysql_real_escape_string($createdate),
+				mysql_real_escape_string($nextduedate),
+				mysql_real_escape_string($nextduedate),
+				mysql_real_escape_string($domain)
+		));
 		echo "Domain $domain is PENDING (Registration: $createdate, Expiry: $nextduedate)\n";
 
 	} elseif ($statusres == "expired") {
-		mysql_query(sprintf($querytemplate,"Expired",$createdate,$nextduedate,$nextduedate,$domain));
+		mysql_query(sprintf($querytemplate,"Expired",
+				mysql_real_escape_string($createdate),
+				mysql_real_escape_string($nextduedate),
+				mysql_real_escape_string($nextduedate),
+				mysql_real_escape_string($domain)
+		));
 		echo "Domain $domain is EXPIRED (Registration: $createdate, Expiry: $nextduedate)\n";
 	} else {
 		echo "Domain $domain has unknown status '$statusres' (File a bug report here: http://devlabs.linuxassist.net/projects/whmcs-coza-epp/issues/new)\n";
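Review bot: The return value of mysql_query() is discarded in all three branches (lines 27, 37 and 47), so a failed UPDATE — including the case where mysql_real_escape_string() has no open link and returns false — still prints "Updated $domain expiry to $nextduedate" and the sync silently diverges from the registry. Since the three calls differ only in the status literal, I would hoist the query into one guarded call keyed on $statusres and keep the if/elseif chain for the echo messages only; the enclosing foreach over $domains starts and ends outside this hunk, which is why `continue` is used below. $createdate and $nextduedate are set before the hunk and presumably come from the EPP response, so escaping them as the commit does is the right call; a short comment such as `# All values are escaped for the current MySQL link; the query fails (returns false) if no link is open` above the template would make that dependency explicit. Note also that the mysql_* extension is deprecated in PHP 5.5 and removed in PHP 7, so a mysqli/PDO prepared statement would be the longer-term fix.
```php
	# Map the EPP status to the tbldomains status value; anything else falls through to the unknown-status message
	$statusmap = array("ok" => "Active", "serverHold" => "Pending", "expired" => "Expired");
	if (isset($statusmap[$statusres])) {
		$res = mysql_query(sprintf($querytemplate, $statusmap[$statusres],
				mysql_real_escape_string($createdate),
				mysql_real_escape_string($nextduedate),
				mysql_real_escape_string($nextduedate),
				mysql_real_escape_string($domain)
		));
		if ($res === false) {
			echo "Failed to update $domain: " . mysql_error() . "\n";
			continue;
		}
	}
	// … unchanged: if/elseif chain on $statusres, now containing only the echo lines …
```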
-- 
GitLab