/**
 * Check a request variable that carries a WHERE clause against the
 * blacklist checker and call Tools::atkhalt() for every unsafe value.
 *
 * The variable is read from $_REQUEST. A scalar value is checked once;
 * an array value is checked element by element, one level deep.
 *
 * NOTE(review): elements that are themselves arrays (e.g. name[a][b]=...)
 * are handed to the checker unflattened; how the constructor and isSafe()
 * treat a non-string is not visible here. Confirm it fails closed.
 * NOTE(review): a blacklist check is defence in depth only; the code that
 * later builds SQL from this variable should still bind or escape values.
 * NOTE(review): only $_REQUEST is inspected. Confirm consumers do not read
 * the same variable from another superglobal that this check never sees.
 *
 * @param string $variable Name of the request variable to inspect.
 *
 * @return void
 *
 * @example filter_request_where_clause('atkselector')
 */
public static function filter_request_where_clause($variable)
{
    // Nothing to check when the variable was not submitted.
    if (!isset($_REQUEST[$variable])) {
        return;
    }

    // The cast lets a single string and a list of strings share one loop.
    foreach ((array) $_REQUEST[$variable] as $candidate) {
        $isSafe = (new self($candidate))->isSafe();
        if ($isSafe) {
            continue;
        }

        // Only the variable name is reported, not the rejected value.
        // Whether atkhalt() ends the request is not visible here; if it
        // returns, the remaining values are still checked.
        Tools::atkhalt('Unsafe WHERE clause in REQUEST variable: ' . $variable, 'critical');
    }
}
/**
 * Report the current database error and halt, depending on configuration.
 *
 * Behaviour as implemented:
 *  - m_haltonerror is falsy: nothing happens at all (no debug output).
 *  - m_haltonerror is set and the error type is not 'system': a debug
 *    line is written and execution continues.
 *  - m_haltonerror is set and the error type is 'system': the error
 *    message is passed to Tools::atkerror() and then Tools::atkhalt(),
 *    with level 'warning' when m_errno is listed in m_user_error and
 *    'critical' otherwise.
 *
 * NOTE(review): the message from getErrorMsg() is forwarded unchanged to
 * atkerror()/atkhalt(). Database error text can reveal table, column and
 * query details; confirm these helpers do not render it to end users.
 * NOTE(review): in_array() is called without strict comparison, so the
 * match between m_errno and m_user_error is loose. Confirm both hold the
 * same type before tightening.
 *
 * @param string $message Not used by this implementation.
 *
 * @return void
 */
public function halt($message = '')
{
    // Halting is opt-in; without the flag this method is a no-op.
    if (!$this->m_haltonerror) {
        return;
    }

    // Anything that is not a system error is only noted in the debug log.
    if ($this->getErrorType() !== 'system') {
        Tools::atkdebug(__CLASS__ . '::halt() on user error (not halting)');

        return;
    }

    Tools::atkdebug(__CLASS__ . '::halt() on system error');

    // Error numbers listed in m_user_error are downgraded to a warning.
    $level = in_array($this->m_errno, $this->m_user_error) ? 'warning' : 'critical';

    Tools::atkerror($this->getErrorMsg());
    Tools::atkhalt($this->getErrorMsg(), $level);
}