tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

allow UNION sql reports

This commit is contained in:
daniel 2017-08-03 11:32:43 +02:00
parent 5860d29e37
commit 20fc24b99e
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pandora_console/include/functions.php
View File

@ -1701,7 +1701,7 @@ function check_sql ($sql) {
//Check that it not delete_ as "delete_pending" (this is a common field in pandora tables).
if (preg_match("/\*|delete[^_]|drop|alter|modify|union|password|pass|insert|update/i", $sql)) {
if (preg_match("/\*|delete[^_]|drop|alter|modify|password|pass|insert|update/i", $sql)) {
return "";
}
return $sql;

2
pandora_console/include/functions_reporting.php
View File

@ -3980,7 +3980,7 @@ function reporting_sql($report, $content) {
}
else {
$return['correct'] = 0;
$return['error'] = __('Illegal query: Due security restrictions, there are some tokens or words you cannot use: *, delete, drop, alter, modify, union, password, pass, insert or update.');
$return['error'] = __('Illegal query: Due security restrictions, there are some tokens or words you cannot use: *, delete, drop, alter, modify, password, pass, insert or update.');
}
if ($config['metaconsole']) {