From 6dec3b09f2550593a56cde449972c60f85c2b8c5 Mon Sep 17 00:00:00 2001
From: mdtrooper <tres.14159@gmail.com>
Date: Thu, 23 Dec 2010 15:59:41 +0000
Subject: [PATCH] 2010-12-23  Miguel de Dios  <miguel.dedios@artica.es>

	* include/functions.php: in function "check_sql" added some changes in
	the regular expression for pass the pandora field "delete_pending".



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@3702 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
---
 pandora_console/ChangeLog             | 5 +++++
 pandora_console/include/functions.php | 4 +++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog
index 452af5b407..f418821946 100644
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@@ -1,3 +1,8 @@
+2010-12-23  Miguel de Dios  <miguel.dedios@artica.es>
+
+	* include/functions.php: in function "check_sql" added some changes in
+	the regular expression for pass the pandora field "delete_pending".
+
 2010-12-23  Miguel de Dios  <miguel.dedios@artica.es>
 
 	* include/ajax/reporting.ajax.php: fixed copy&paste mistake.
diff --git a/pandora_console/include/functions.php b/pandora_console/include/functions.php
index ba80e91ebb..5c8718edc1 100644
--- a/pandora_console/include/functions.php
+++ b/pandora_console/include/functions.php
@@ -1175,7 +1175,9 @@ function string2image($string, $width, $height, $fontsize = 3,
 function check_sql ($sql){
         // We remove "*" to avoid things like SELECT * FROM tusuario
 
-        if (preg_match("/\*|delete|drop|alter|modify|union|password|pass|insert|update/i", $sql)){
+		//Check that it not delete_ as "delete_pending" (this is a common field in pandora tables).
+	
+        if (preg_match("/\*|delete[^_]|drop|alter|modify|union|password|pass|insert|update/i", $sql)) {
                 return "";
         }
         return $sql;