Bug 37508: (QA follow-up) Use ->check_columns
Add shebang to Guided.t too. Test plan: See also previous commits. Try sql like: select access_token from oauth_access_tokens Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This commit is contained in:
parent
aebc7ba8db
commit
0c029ee849
GPG key ID:
0EF6E2C03357A834
2 changed files with 5 additions and 9 deletions
|
|
@ -624,15 +624,9 @@ sub execute_query {
|
||||||
|
|
||||||
return ( $sth, { queryerr => $sth->errstr } ) if ( $sth->err );
|
return ( $sth, { queryerr => $sth->errstr } ) if ( $sth->err );
|
||||||
|
|
||||||
if ( $sql =~ m/password/ ) {
|
# Check if table.* contained forbidden column names
|
||||||
return ( $sth, { passworderr => "Illegal column in SQL" } );
|
return ( $sth, { passworderr => "Illegal column in results" } )
|
||||||
}
|
if Koha::Report->new->check_columns( undef, $sth->{NAME_lc} );
|
||||||
|
|
||||||
foreach my $column ( @{ $sth->{NAME_lc} } ) {
|
|
||||||
if ( $column eq 'password' ) {
|
|
||||||
return ( $sth, { passworderr => "Illegal column in results" } );
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return ($sth);
|
return ($sth);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,5 @@
|
||||||
|
#!/usr/bin/perl
|
||||||
|
|
||||||
# Copyright 2012 Catalyst IT Ltd.
|
# Copyright 2012 Catalyst IT Ltd.
|
||||||
# Copyright 2015 Koha Development team
|
# Copyright 2015 Koha Development team
|
||||||
#
|
#
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue