From 75fb0f2d4af5d4dd2932e8cea4cda683e737ecc2 Mon Sep 17 00:00:00 2001
From: Paolo <bison@technikum-wien.at>
Date: Mon, 17 Jul 2023 12:06:37 +0200
Subject: [PATCH] - include/filter.class.php -> loadValues now calls the
 superclass protected method replaceSQLDecryptionPassword to replace password
 variables with their values - include/statistik.class.php -> loadData now
 calls the superclass protected method replaceSQLDecryptionPassword to replace
 password variables with their values - Added new functions hasSQLDecryption
 and isSQLDecryptionValid to include/functions.inc.php - Script
 vilesci/statistik/filter_details.php and
 vilesci/stammdaten/statistik_details.php now do not allow to store SQL
 strings that contain PostgreSQL decryption functions using a clear password

---
 include/filter.class.php                 |  4 ++-
 include/functions.inc.php                | 24 ++++++++++++++++++
 include/statistik.class.php              |  3 +++
 vilesci/stammdaten/statistik_details.php | 32 ++++++++++++++++--------
 vilesci/statistik/filter_details.php     | 13 ++++++++--
 5 files changed, 63 insertions(+), 13 deletions(-)

diff --git a/include/filter.class.php b/include/filter.class.php
index 3578d7dcf..8357c8eb4 100644
--- a/include/filter.class.php
+++ b/include/filter.class.php
@@ -230,9 +230,11 @@ class filter extends basis_db
 	 */
 	public function loadValues($sql, $valuename, $showvalue)
 	{
-
 		$this->values = array();
 
+		// In case a decryption function is used then perform password substitution
+		$sql = $this->replaceSQLDecryptionPassword($sql);
+
 		if($this->db_query($sql))
 		{
 			while($row = $this->db_fetch_row())
diff --git a/include/functions.inc.php b/include/functions.inc.php
index 7b3560dde..d27708ea9 100644
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@@ -1196,4 +1196,28 @@ function anzahlTage($date1, $date2)
 	$diff = $date2_ts - $date1_ts;
 	return round($diff / 86400);
 }
+
+/**
+ * Checks if the provided SQL string contains PostgreSQL functions to decrypt data, returns a boolean
+ */
+function hasSQLDecryption($sql)
+{
+	return stripos($sql, 'PGP_SYM_DECRYPT') !== false;
+}
+
+/**
+ * Checks if the provided SQL string contains PostgreSQL functions to decrypt data,
+ * and if it is used a variable instead of a readable password. Returns a boolean
+ */
+function isSQLDecryptionValid($sql)
+{
+	// If the SQL string contains decryption functions and there are _no_ password variables
+	if (hasSQLDecryption($sql) && strpos($sql, '${') === false)
+	{
+		return false; // then return false
+	}
+
+	return true; // in any other case return true
+}
+
 ?>
diff --git a/include/statistik.class.php b/include/statistik.class.php
index d8bea89f9..a72c8bbeb 100644
--- a/include/statistik.class.php
+++ b/include/statistik.class.php
@@ -514,6 +514,9 @@ class statistik extends basis_db
 		$this->countRows=0;
 		set_time_limit(120);
 
+		// In case a decryption function is used then perform password substitution
+		$this->sql = $this->replaceSQLDecryptionPassword($this->sql);
+
 		if($this->sql!='')
 		{
 			$sql = $this->sql;
diff --git a/vilesci/stammdaten/statistik_details.php b/vilesci/stammdaten/statistik_details.php
index 1ba840c02..8ad12dc0b 100644
--- a/vilesci/stammdaten/statistik_details.php
+++ b/vilesci/stammdaten/statistik_details.php
@@ -26,6 +26,7 @@ require_once('../../config/vilesci.config.inc.php');
 require_once('../../include/statistik.class.php');
 require_once('../../include/benutzerberechtigung.class.php');
 require_once('../../include/berechtigung.class.php');
+require_once('../../include/functions.inc.php');
 
 if(!$db = new basis_db())
 {
@@ -140,18 +141,29 @@ if(!$rechte->isBerechtigt('basis/statistik', null, 'suid'))
 			$statistik->berechtigung_kurzbz = $berechtigung_kurzbz;
 			$statistik->preferences = $preferences;
 
-			$success = $statistik->save();
+			// Check if the SQL string contains functions to decrypt data and if there are
+			// variables to replace the value of the password (no clear password wanted!)
+			if (isSQLDecryptionValid($statistik->sql))
+			{
+				$success = $statistik->save();
 
-			if($success):
+				if($success):
+					?>
+					<span class="ok">Daten erfolgreich gespeichert</span>
+					<script type='text/javascript'>
+						parent.uebersicht_statistik.location.href = 'statistik_uebersicht.php';
+					</script>
+				<?php else: ?>
+					<span class="error"><?php echo $statistik->errormsg ?></span>
+				<?php
+				endif;
+			}
+			else // in case the SQL string is not valid display an error
+			{
 				?>
-				<span class="ok">Daten erfolgreich gespeichert</span>
-				<script type='text/javascript'>
-					parent.uebersicht_statistik.location.href = 'statistik_uebersicht.php';
-				</script>
-			<?php else: ?>
-				<span class="error"><?php echo $statistik->errormsg ?></span>
-			<?php
-			endif;
+				<span class="error"><?php echo 'It is not possible to store a SQL that contains clear passwords to decrypt data from the DB' ?></span>
+				<?php
+			}
 		}
 
 		$preferences = trim($statistik->preferences);
diff --git a/vilesci/statistik/filter_details.php b/vilesci/statistik/filter_details.php
index 8ff284b1f..c2f27d927 100644
--- a/vilesci/statistik/filter_details.php
+++ b/vilesci/statistik/filter_details.php
@@ -76,9 +76,18 @@
 		$filter->type = $_POST["type"];
 		$filter->htmlattr = $_POST["htmlattr"];
 
-		if(!$filter->save())
+		// Check if the SQL string contains functions to decrypt data and if there are
+		// variables to replace the value of the password (no clear password wanted!)
+		if (isSQLDecryptionValid($filter->sql))
 		{
-			$errorstr .= $filter->errormsg;
+			if (!$filter->save())
+			{
+				$errorstr .= $filter->errormsg;
+			}
+		}
+		else
+		{
+			$errorstr .= 'It is not possible to store a SQL that contains clear passwords to decrypt data from the DB';
 		}
 
 		$reloadstr .= "<script type='text/javascript'>\n";