tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Reapplied #1000 solution

This commit is contained in:
fbsanchez 2018-01-24 17:28:00 +01:00
parent 14713e30b8
commit 2e1ab72a21
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pandora_console/include/functions.php
View File

@ -1714,7 +1714,7 @@ function check_sql ($sql) {
//Check that it not delete_ as "delete_pending" (this is a common field in pandora tables).
if (preg_match("/\*|delete[^_]|drop|alter|modify|union|password|pass|insert|update/i", $sql)) {
if (preg_match("/\*|delete[^_]|drop|alter|modify|password|pass|insert|update/i", $sql)) {
return "";
}
return $sql;

2
pandora_console/include/functions_reporting.php
View File

@ -4492,7 +4492,7 @@ function reporting_sql($report, $content) {
}
else {
$return['correct'] = 0;
$return['error'] = __('Illegal query: Due security restrictions, there are some tokens or words you cannot use: *, delete, drop, alter, modify, union, password, pass, insert or update.');
$return['error'] = __('Illegal query: Due security restrictions, there are some tokens or words you cannot use: *, delete, drop, alter, modify, password, pass, insert or update.');
}
if ($config['metaconsole']) {