tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-24 06:15:16 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '1826-sentencia-union-restringida-en-informes-sql-ext-4134' into 'develop'

Browse Source 
Reapplied #1000 solution

See merge request artica/pandorafms!1261
This commit is contained in:
vgilc 2018-01-24 17:40:04 +01:00
commit d1a809f9c8
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pandora_console/include/functions.php
View File

@ -1714,7 +1714,7 @@ function check_sql ($sql) {
//Check that it not delete_ as "delete_pending" (this is a common field in pandora tables).
if (preg_match("/\*|delete[^_]|drop|alter|modify|union|password|pass|insert|update/i", $sql)) {
if (preg_match("/\*|delete[^_]|drop|alter|modify|password|pass|insert|update/i", $sql)) {
return "";
}
return $sql;

2
pandora_console/include/functions_reporting.php
View File

@ -4492,7 +4492,7 @@ function reporting_sql($report, $content) {
}
else {
$return['correct'] = 0;
$return['error'] = __('Illegal query: Due security restrictions, there are some tokens or words you cannot use: *, delete, drop, alter, modify, union, password, pass, insert or update.');
$return['error'] = __('Illegal query: Due security restrictions, there are some tokens or words you cannot use: *, delete, drop, alter, modify, password, pass, insert or update.');
}
if ($config['metaconsole']) {