aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authormarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>2008-06-20 12:07:03 +0000
committermarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>2008-06-20 12:07:03 +0000
commit6f5997be23ad29fb37c34cc05e521fc967952d38 (patch)
treeb578c64f0e1d0ea9cc10dccdb204906826fcb13d
parent801eeb2cf9b1417a3bc8f25f1eec33cb9204be22 (diff)
downloadelgg-6f5997be23ad29fb37c34cc05e521fc967952d38.tar.gz
elgg-6f5997be23ad29fb37c34cc05e521fc967952d38.tar.bz2
Removed database gatekeepers to avoid chicken and egg problems with privileged codeblock execution, and because it is too problematic.
git-svn-id: https://code.elgg.org/elgg/trunk@1019 36083f99-b078-4883-b0ff-0f9b5a30f544
-rw-r--r--engine/lib/database.php25
1 files changed, 5 insertions, 20 deletions
diff --git a/engine/lib/database.php b/engine/lib/database.php
index d81dc8185..74d6d2d77 100644
--- a/engine/lib/database.php
+++ b/engine/lib/database.php
@@ -127,10 +127,7 @@
function get_data($query, $callback = "") {
- global $CONFIG, $dbcalls;
-
- if (!callpath_gatekeeper($CONFIG->path . "engine/", true, true))
- throw new SecurityException(sprintf(elgg_echo('SecurityException:FunctionDenied'), 'get_data()'));
+ global $CONFIG, $dbcalls;
$dblink = get_db_link('read');
@@ -172,10 +169,7 @@
function get_data_row($query) {
- global $CONFIG, $dbcalls;
-
- if (!callpath_gatekeeper($CONFIG->path . "engine/", true, true))
- throw new SecurityException(sprintf(elgg_echo('SecurityException:FunctionDenied'), 'get_data_row()'));
+ global $CONFIG, $dbcalls;
$dblink = get_db_link('read');
@@ -211,10 +205,7 @@
function insert_data($query) {
- global $CONFIG, $dbcalls;
-
- if (!callpath_gatekeeper($CONFIG->path . "engine/", true, true))
- throw new SecurityException(sprintf(elgg_echo('SecurityException:FunctionDenied'), 'insert_data()'));
+ global $CONFIG, $dbcalls;
$dblink = get_db_link('write');
@@ -243,10 +234,7 @@
function update_data($query) {
- global $dbcalls, $CONFIG;
-
- if (!callpath_gatekeeper($CONFIG->path . "engine/", true, true))
- throw new SecurityException(sprintf(elgg_echo('SecurityException:FunctionDenied'), 'update_data()'));
+ global $dbcalls, $CONFIG;
$dblink = get_db_link('write');
@@ -276,10 +264,7 @@
function delete_data($query) {
- global $dbcalls, $CONFIG;
-
- if (!callpath_gatekeeper($CONFIG->path . "engine/", true, true))
- throw new SecurityException(sprintf(elgg_echo('SecurityException:FunctionDenied'), 'delete_data()'));
+ global $dbcalls, $CONFIG;
$dblink = get_db_link('write');