SimpleMachines /
SMF2.1
| @@ 405-406 (lines=2) @@ | ||
| 402 | // One more query.... |
|
| 403 | $db_count = !isset($db_count) ? 1 : $db_count + 1; |
|
| 404 | ||
| 405 | if (empty($modSettings['disableQueryCheck']) && strpos($db_string, '\'') !== false && empty($db_values['security_override'])) |
|
| 406 | smf_db_error_backtrace('Hacking attempt...', 'Illegal character (\') used in query...', true, __FILE__, __LINE__); |
|
| 407 | ||
| 408 | // Use "ORDER BY null" to prevent Mysql doing filesorts for Group By clauses without an Order By |
|
| 409 | if (strpos($db_string, 'GROUP BY') !== false && strpos($db_string, 'ORDER BY') === false && preg_match('~^\s+SELECT~i', $db_string)) |
|
| @@ 380-381 (lines=2) @@ | ||
| 377 | $db_count = !isset($db_count) ? 1 : $db_count + 1; |
|
| 378 | $db_replace_result = 0; |
|
| 379 | ||
| 380 | if (empty($modSettings['disableQueryCheck']) && strpos($db_string, '\'') !== false && empty($db_values['security_override'])) |
|
| 381 | smf_db_error_backtrace('Hacking attempt...', 'Illegal character (\') used in query...', true, __FILE__, __LINE__); |
|
| 382 | ||
| 383 | if (empty($db_values['security_override']) && (!empty($db_values) || strpos($db_string, '{db_prefix}') !== false)) |
|
| 384 | { |
|
