Commit 8bcf848088f630bdd77116c70d25821fd8e99142
1 parent
242072c5
Exists in
master
by Eriksen: Removido código que permitia exposição de queries SQL
Showing
1 changed file
with
5 additions
and
13 deletions
Show diff stats
ieducar/intranet/include/clsBancoPgSql.inc.php
| ... | ... | @@ -21,6 +21,11 @@ |
| 21 | 21 | * endereço 59 Temple Street, Suite 330, Boston, MA 02111-1307 USA. |
| 22 | 22 | */ |
| 23 | 23 | |
| 24 | +require_once 'clsConfigItajai.inc.php'; | |
| 25 | +require_once 'include/clsCronometro.inc.php'; | |
| 26 | +require_once 'include/clsEmail.inc.php'; | |
| 27 | + | |
| 28 | + | |
| 24 | 29 | /** |
| 25 | 30 | * clsBancoSQL_ class. |
| 26 | 31 | * |
| ... | ... | @@ -30,11 +35,6 @@ |
| 30 | 35 | * @since Classe disponível desde a versão 1.0.0 |
| 31 | 36 | * @version $Id$ |
| 32 | 37 | */ |
| 33 | - | |
| 34 | -require_once 'clsConfigItajai.inc.php'; | |
| 35 | -require_once 'include/clsCronometro.inc.php'; | |
| 36 | -require_once 'include/clsEmail.inc.php'; | |
| 37 | - | |
| 38 | 38 | class clsBancoSQL_ { |
| 39 | 39 | |
| 40 | 40 | protected $strHost = NULL; // Nome ou endereço IP do servidor do banco de dados |
| ... | ... | @@ -209,14 +209,6 @@ class clsBancoSQL_ { |
| 209 | 209 | |
| 210 | 210 | $this->strStringSQL = eregi_replace( "([a-z_0-9.]+) +ILIKE +'([^']+)'", "to_ascii(\\1) ILIKE to_ascii('\\2')", $this->strStringSQL ); |
| 211 | 211 | $this->strStringSQL = eregi_replace( "fcn_upper_nrm", "to_ascii", $this->strStringSQL ); |
| 212 | - /* | |
| 213 | - Verificacoes de Injection | |
| 214 | - */ | |
| 215 | - if($_GET['depurar'] == 'mostraasquerypramim') | |
| 216 | - { | |
| 217 | - echo $this->strStringSQL."<br><br>"; | |
| 218 | - } | |
| 219 | - | |
| 220 | 212 | |
| 221 | 213 | $temp = explode( "'", $this->strStringSQL ); |
| 222 | 214 | for ( $i = 0; $i < count( $temp ); $i++ ) | ... | ... |