[Koha-devel] SQL reports [error]
Paul Poulain
paul.poulain at biblibre.com
Mon Apr 30 17:17:31 CEST 2012
Le 30/04/2012 16:21, Paul a écrit :
> Chris,
>
> Many thanks, I'll see what I can do (after hours tonight.) Just
> wondering if a perl expert could suggest the code to add a "condition" to
> if ($sql =~ /;?\W?(UPDATE|DELETE|DROP|INSERT|SHOW|CREATE)\W/i) {
> push @errors, {sqlerr => $1};
> }
>
> along the lines of " unless username='paul' "
Question to all = could it be a good idea to let superlibrarians execute
dangerous SQLs like the one forbidden by the test ?
Otherwise asked: could we add a
unless permission eq 'superlibrarian'
condition ?
( ie: "with great power comes great responsibility" - at spiderman uncle- )
--
Paul POULAIN
http://www.biblibre.com
Expert en Logiciels Libres pour l'info-doc
Tel : (33) 4 91 81 35 08
More information about the Koha-devel
mailing list