Home / Prestashop Module Tutorials / Ap Page Builder / Security issue with the module ApPageBuilder v.2.2.4

Security issue with the module ApPageBuilder v.2.2.4

Hi
When you got error
This issue enables hackers to do SQL injections and it can be exploited because of PHP files in the module that are not secured.
Please update ApPageBuilder to latest version
If you have many edit
you can follow my guide to fix

open file
modules/appagebuilder/appagebuilder.php
find the function
public function hookProductAllOneImg($list_pro)
in this function
find the code
$where = ‘ WHERE i.`id_product` IN (‘.pSQL($list_pro).’) AND i.`id_image` NOT IN (‘.$image_product.’) AND ish.`id_shop` = ‘.Context::getContext()->shop->id;
$order = ‘ ORDER BY i.`id_product`,`position`’;

edit it to

$where = ‘ WHERE i.`id_product` IN (‘.pSQL($list_pro).’) AND i.`id_image` NOT IN (‘.pSQL($image_product).’) AND ish.`id_shop` = ‘.Context::getContext()->shop->id;

We edit (‘.$image_product.’) to (‘.pSQL($image_product).’)

see my image

About Leo Theme

Check Also

Fix error not show Texture in product list Ap Page builder

Hi I’m so sorry about my bug. Please follow my guide to fix: 1, open …