/**
 * Screens a user-supplied custom SQL string before it is handed back to the caller.
 *
 * The text is first HTML-entity-decoded (ENT_QUOTES, global $default_charset), so
 * both checks below run against the decoded form rather than the encoded one.
 * The request is then aborted through ITS4YouReports::DieDuePermission() followed
 * by exit when either:
 *   - ITS4YouReports::querySpecialControl() returns a truthy value, or
 *   - the decoded text contains at least one ";" (this also rejects a ";" inside
 *     a string literal or a single trailing ";").
 *
 * NOTE(review): querySpecialControl() is defined elsewhere, so what it rejects
 * cannot be verified from this method. The value returned here is NOT escaped or
 * parameterised; the sql_escape_string() call in 'run' mode is commented out in
 * the source. Presumably the caller executes the result as-is, so these two
 * checks would be the only screening applied. Confirm against the callers.
 *
 * @param string $sql_query Raw (possibly entity-encoded) query text.
 * @param string $type      'run' additionally strips "\n"; any other value
 *                          (default "check") leaves line breaks in place.
 *
 * @return string The decoded query, or the input unchanged when it compares
 *                loosely equal to "".
 */
public function validateCustomSql($sql_query, $type = "check")
{
    // Kept from the original: the handle is fetched up front even though its only
    // use (sql_escape_string in 'run' mode) is disabled.
    $adb = PearDatabase::getInstance();

    // Nothing to screen; hand the value back untouched.
    if ($sql_query == "") {
        return $sql_query;
    }

    global $default_charset;
    $decodedSql = html_entity_decode($sql_query, ENT_QUOTES, $default_charset);

    // Check 1: project-level screening of the decoded text.
    if (ITS4YouReports::querySpecialControl($decodedSql)) {
        ITS4YouReports::DieDuePermission("LBL_WRONG_QUERY_STRINGS_SQL");
        exit;
    }

    // Check 2: any ";" means more than one ";"-separated segment.
    if (substr_count($decodedSql, ";") > 0) {
        ITS4YouReports::DieDuePermission("LBL_TOO_MANY_SQL");
        exit;
    }

    if ('run' == $type) {
        // Only line feeds are removed; escaping is intentionally left disabled:
        // $decodedSql = $adb->sql_escape_string($decodedSql);
        $decodedSql = str_replace("\n", "", $decodedSql);
    }

    return $decodedSql;
}