goodspeed/Cloudlog
1
0
派生 0
代码 工单 合并请求 项目 版本发布 软件包 百科 动态 Actions

Prevent Dataleakage at "activated grids"-view

浏览代码
这个提交包含在:
int2001 2023-09-17 11:36:35 +00:00
父节点 a26d3f16ec
当前提交 204622970c
找不到此签名对应的密钥
GPG 密钥 ID: DFB1C13CD2DB037B
共有 1 个文件被更改,包括 9 次插入5 次删除
显示统计信息 下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件

14
application/models/Activated_grids_model.php
查看文件

@ -10,10 +10,11 @@ class Activated_grids_model extends CI_Model {
if (!$logbooks_locations_array) { if (!$logbooks_locations_array) {
return null; return null;
} }
$location_list = "'".implode("','",$logbooks_locations_array)."'";
$sql = 'SELECT DISTINCT station_gridsquare AS SAT_SQUARE FROM ' $sql = 'SELECT DISTINCT station_gridsquare AS SAT_SQUARE FROM '
. 'station_profile JOIN '.$this->config->item('table_name').' on '.$this->config->item('table_name').'.station_id = station_profile.station_id ' . 'station_profile JOIN '.$this->config->item('table_name').' on '.$this->config->item('table_name').'.station_id = station_profile.station_id '
. 'WHERE station_profile.station_gridsquare != "" AND '.$this->config->item('table_name').'.COL_SAT_NAME != ""'; . 'WHERE station_profile.station_gridsquare != "" AND '.$this->config->item('table_name').'.COL_SAT_NAME != ""'
. ' AND station_profile.station_id in ('.$location_list.')';
return $this->db->query($sql); return $this->db->query($sql);
} }
@ -32,7 +33,8 @@ class Activated_grids_model extends CI_Model {
$sql = 'SELECT DISTINCT station_gridsquare AS SAT_SQUARE FROM ' $sql = 'SELECT DISTINCT station_gridsquare AS SAT_SQUARE FROM '
. 'station_profile JOIN '.$this->config->item('table_name').' on '.$this->config->item('table_name').'.station_id = station_profile.station_id ' . 'station_profile JOIN '.$this->config->item('table_name').' on '.$this->config->item('table_name').'.station_id = station_profile.station_id '
. 'WHERE station_profile.station_gridsquare != "" AND '.$this->config->item('table_name').'.COL_SAT_NAME != "" ' . 'WHERE station_profile.station_gridsquare != "" AND '.$this->config->item('table_name').'.COL_SAT_NAME != "" '
. 'AND (COL_LOTW_QSL_SENT = "Y" OR COL_QSL_SENT = "Y");'; . 'AND (COL_LOTW_QSL_SENT = "Y" OR COL_QSL_SENT = "Y")'
. ' AND station_profile.station_id in ('.$location_list.')';
return $this->db->query($sql); return $this->db->query($sql);
} }
@ -50,7 +52,8 @@ class Activated_grids_model extends CI_Model {
$sql = 'SELECT DISTINCT station_gridsquare AS GRID_SQUARES, COL_BAND FROM ' $sql = 'SELECT DISTINCT station_gridsquare AS GRID_SQUARES, COL_BAND FROM '
. 'station_profile JOIN '.$this->config->item('table_name').' on '.$this->config->item('table_name').'.station_id = station_profile.station_id ' . 'station_profile JOIN '.$this->config->item('table_name').' on '.$this->config->item('table_name').'.station_id = station_profile.station_id '
. 'WHERE station_profile.station_gridsquare != "" '; . 'WHERE station_profile.station_gridsquare != "" '
. ' AND station_profile.station_id in ('.$location_list.')';
if ($band != 'All') { if ($band != 'All') {
$sql .= 'AND COL_BAND = "'.$band.'" ' $sql .= 'AND COL_BAND = "'.$band.'" '
@ -77,7 +80,8 @@ class Activated_grids_model extends CI_Model {
$sql = 'SELECT DISTINCT station_gridsquare AS GRID_SQUARES, COL_BAND FROM ' $sql = 'SELECT DISTINCT station_gridsquare AS GRID_SQUARES, COL_BAND FROM '
. 'station_profile JOIN '.$this->config->item('table_name').' on '.$this->config->item('table_name').'.station_id = station_profile.station_id ' . 'station_profile JOIN '.$this->config->item('table_name').' on '.$this->config->item('table_name').'.station_id = station_profile.station_id '
. 'WHERE station_profile.station_gridsquare != "" '; . 'WHERE station_profile.station_gridsquare != "" '
. ' AND station_profile.station_id in ('.$location_list.')';
if ($band != 'All') { if ($band != 'All') {
$sql .= 'AND COL_BAND = "'.$band.'" ' $sql .= 'AND COL_BAND = "'.$band.'" '