public static function checkquery($sql) { if (self::$config === null) { self::$config = getglobal('config/security/querysafe'); } if (self::$config['status']) { $check = 1; $cmd = strtoupper(substr(trim($sql), 0, 3)); if (isset(self::$checkcmd[$cmd])) { $check = self::_do_query_safe($sql); } elseif (substr($cmd, 0, 2) === '/*') { $check = -1; } if ($check < 1) { throw new DbException('It is not safe to do this query', 0, $sql); } } return true; }
public static function checkquery($sql) { if (self::$config === null) { self::$config = getglobal('config/security/querysafe'); } if (self::$config['status']) { $cmd = trim(strtoupper(substr($sql, 0, strpos($sql, ' ')))); if (in_array($cmd, self::$checkcmd)) { $test = self::_do_query_safe($sql); if ($test < 1) { throw new DbException('It is not safe to do this query', 0, $sql); } } } return true; }