Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-07-09 03:14:30 -04:00
Code Issues Packages Projects Releases Wiki Activity

Prevent queries from unrelated tables

Browse Source
This commit is contained in:
David Bomba 2024-09-26 15:02:19 +10:00
parent 69834c9362
commit 6afcb90ba4
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/Filters/QueryFilters.php
View File

@ -255,7 +255,7 @@ abstract class QueryFilters
public function client_id(string $client_id = ''): Builder
{
if (strlen($client_id) == 0) {
if (strlen($client_id) == 0 || !in_array('vendor_id', \Illuminate\Support\Facades\Schema::getColumnListing($this->builder->getModel()->getTable()))) {
return $this->builder;
}
@ -264,7 +264,7 @@ abstract class QueryFilters
public function vendor_id(string $vendor_id = ''): Builder
{
if (strlen($vendor_id) == 0) {
if (strlen($vendor_id) == 0 || !in_array('vendor_id', \Illuminate\Support\Facades\Schema::getColumnListing($this->builder->getModel()->getTable()))) {
return $this->builder;
}