fix(sec): Fix SQL injection in dashboard

* Fix some SQL Injections

www/include/reporting/dashboard/xmlInformations/GetXmlHost.php

@@ -43,6 +43,15 @@ if (isset($_SESSION['centreon'])) {
 }
 
 if (isset($_GET["id"]) && isset($_GET["color"])) {
+    /* Validate the type of request arguments for security */
+    if (!is_numeric($_GET['id'])) {
+        $buffer->writeElement('error', 'Bad id format');
+        $buffer->endElement();
+        header('Content-Type: text/xml');
+        $buffer->output();
+        exit;
+    }
+
     $color = array();
     foreach ($_GET["color"] as $key => $value) {
         $color[$key] = htmlentities($value, ENT_QUOTES, "UTF-8");
@@ -61,9 +70,9 @@ if (isset($_GET["id"]) && isset($_GET["color"])) {
 
     if ($accessHost) {
         $DBRESULT = $pearDBO->query(
-            "SELECT  * FROM `log_archive_host` WHERE host_id = "
+            "SELECT  * FROM `log_archive_host` WHERE host_id = '"
             . $pearDBO->escape($_GET["id"])
-            . " order by date_start desc"
+            . "' order by date_start desc"
         );
         while ($row = $DBRESULT->fetchRow()) {
             fillBuffer($statesTab, $row, $color);

www/include/reporting/dashboard/xmlInformations/GetXmlHostGroup.php

@@ -36,6 +36,15 @@ $stateType = 'host';
 require_once realpath(dirname(__FILE__) . "/initXmlFeed.php");
 
 if (isset($_GET["id"]) && isset($_GET["color"])) {
+    /* Validate the type of request arguments for security */
+    if (!is_numeric($_GET['id'])) {
+        $buffer->writeElement('error', 'Bad id format');
+        $buffer->endElement();
+        header('Content-Type: text/xml');
+        $buffer->output();
+        exit;
+    }
+
     $color = array();
     foreach ($_GET["color"] as $key => $value) {
         $color[$key] = htmlentities($value, ENT_QUOTES, "UTF-8");

www/include/reporting/dashboard/xmlInformations/GetXmlService.php

@@ -42,6 +42,15 @@ if (isset($_SESSION['centreon'])) {
 }
 
 if (isset($_GET["host_id"]) && isset($_GET["id"]) && isset($_GET["color"])) {
+    /* Validate the type of request arguments for security */
+    if (!is_numeric($_GET['id']) || !is_numeric($_GET['host_id'])) {
+        $buffer->writeElement('error', 'Bad id format');
+        $buffer->endElement();
+        header('Content-Type: text/xml');
+        $buffer->output();
+        exit;
+    }
+
     $color = array();
     foreach ($_GET["color"] as $key => $value) {
         $color[$key] = htmlentities($value, ENT_QUOTES, "UTF-8");
@@ -61,8 +70,8 @@ if (isset($_GET["host_id"]) && isset($_GET["id"]) && isset($_GET["color"])) {
     if ($accessService) {
         $DBRESULT = $pearDBO->query(
             "SELECT  * FROM `log_archive_service` WHERE host_id = '".
-            $pearDBO->escape($_GET["host_id"])."' AND service_id = ".
-            $pearDBO->escape($_GET["id"])." ORDER BY `date_start` DESC"
+            $pearDBO->escape($_GET["host_id"])."' AND service_id = '".
+            $pearDBO->escape($_GET["id"])."' ORDER BY `date_start` DESC"
         );
         while ($row = $DBRESULT->fetchRow()) {
             fillBuffer($statesTab, $row, $color);

www/include/reporting/dashboard/xmlInformations/GetXmlServiceGroup.php

@@ -36,6 +36,15 @@ $stateType = 'service';
 require_once realpath(dirname(__FILE__) . "/initXmlFeed.php");
 
 if (isset($_GET["id"]) && isset($_GET["color"])) {
+    /* Validate the type of request arguments for security */
+    if (!is_numeric($_GET['id'])) {
+        $buffer->writeElement('error', 'Bad id format');
+        $buffer->endElement();
+        header('Content-Type: text/xml');
+        $buffer->output();
+        exit;
+    }
+
     $color = array();
     foreach ($_GET["color"] as $key => $value) {
         $color[$key] = htmlentities($value, ENT_QUOTES, "UTF-8");