tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-31 01:35:36 +02:00
Code Issues Packages Projects Releases Wiki Activity

#11318 added funcion for validate sql

Browse Source
This commit is contained in:
Daniel Cebrian 2023-05-23 18:02:03 +02:00
parent 303b910527
commit 6b17837c4d
2 changed files with 31 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
pandora_console/godmode/reporting/reporting_builder.php
View File

@ -2197,9 +2197,12 @@ switch ($action) {
'id_custom' 'id_custom'
); );
if ($values['treport_custom_sql_id'] == 0) { if ($values['treport_custom_sql_id'] == 0) {
$values['external_source'] = get_parameter( $sql = get_parameter('sql', '');
'sql' if ($sql !== '') {
); $good_format = db_validate_sql($sql);
}
$values['external_source'] = get_parameter('sql');
} }
$values['historical_db'] = get_parameter( $values['historical_db'] = get_parameter(

25
pandora_console/include/functions_db.php
View File

@ -2555,3 +2555,28 @@ function db_get_column_type(string $table, string $column='')
return $result; return $result;
} }
/**
* Validate sql query.
*
* @param string $sql Query for validate.
*
* @return boolean True if query is valid.
*/
function db_validate_sql(string $sql)
{
try {
error_reporting(0);
db_process_sql_begin();
$result = db_process_sql(io_safe_output($sql));
} catch (Exception $e) {
// Catch all posible errors.
$result = false;
} finally {
db_process_sql_rollback();
error_reporting(E_ALL);
}
return ($result !== false) ? true : false;
}