Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
Koha/koha-tmpl/intranet-tmpl/prog/en/modules/reports
History
Chris Nighswonger 860f1f70e5 kohabug 2458 Disallowing non-SELECT SQL in reports module 
This patch enforces SELECT-only SQL in the reports module.
It introduces code to check SQL in two places. The first is
when a save is attempted on a user constructed SQL statement.
If a non-SELECT SQL statement is entered, the user will be
presented with an error message and a button giving the
option of editing the SQL. The second is when any SQL is
executed. If execution of a non-SELECT SQL statement is
attempted, the user is presented with an error message and
instructed to delete that report as the SQL is invalid.

The second check is intended as a safety net as no non-SELECT
SQL should ever be saved.

It may be well to document the proper usage of the direct SQL
entry type report.

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-08-08 10:52:34 -05:00
..
acquisitions_stats.tmpl kohabug 2224 Third installment: Further corrections for NULL fields 2008-07-27 06:10:21 -05:00
bor_issues_top.tmpl nomenclature cleanup: s/Branch/Library/ s/Document Type/Item Type/ 2008-05-30 11:36:04 -05:00
borrowers_out.tmpl BugFixing : 1299 /displaying lists for document types and borrower categories 2008-01-17 21:00:59 -06:00
borrowers_stats.tmpl Refine "Patrons statistics" report, fix highlight, remove CGI::scrolling_lists. 2008-07-22 15:44:58 -05:00
cat_issues_top.tmpl nomenclature cleanup: s/Branch/Library/ s/Document Type/Item Type/ 2008-05-30 11:36:04 -05:00
catalogue_out.tmpl Total overhaul of broken "Items with no checkouts" report. 2008-07-10 09:11:32 -05:00
catalogue_stats.tmpl Markup corrections. You can't embed a <!-- TMPL_IF --> inside an HTML tag because it causes problems for the translation script. 2008-06-17 14:05:53 -05:00
dictionary.tmpl kohabug 1679 & 1680 Fixes date formatting in guided reports wizard 2008-08-04 15:26:49 -05:00
guided_reports_start.tmpl kohabug 2458 Disallowing non-SELECT SQL in reports module 2008-08-08 10:52:34 -05:00
issues_avg_stats.tmpl nomenclature cleanup: s/Branch/Library/ s/Document Type/Item Type/ 2008-05-30 11:36:04 -05:00
issues_by_borrower_category.tmpl BugFixing : 1299 /displaying lists for document types and borrower categories 2008-01-17 21:00:59 -06:00
issues_stats.tmpl Report cleanup - fix highlight, add debugging feedback 2008-07-12 08:59:38 -05:00
itemslost.tmpl nomenclature cleanup: s/Branch/Library/ s/Document Type/Item Type/ 2008-05-30 11:36:04 -05:00
itemtypes.tmpl Lots of reformatting of reports forms. Improvements to breadcrumbs. XHTML-compliance corrections. Fix to itemslost.pl for Bug 1733 (just a typo). 2008-01-03 16:29:16 -06:00
reports-home.tmpl Bug 2453 - Obsoleted report removed (use issues_stats instead) 2008-07-16 18:26:18 -05:00
reservereport.tmpl Modifications to ensure XHTML compliance; Adding breadcrumbs and global search 2007-09-12 20:54:47 -05:00
stats_screen.tmpl nomenclature cleanup: s/Branch/Library/ s/Document Type/Item Type/ 2008-05-30 11:36:04 -05:00