diff options
Diffstat (limited to 'engine/lib/database.php')
-rw-r--r-- | engine/lib/database.php | 25 |
1 files changed, 20 insertions, 5 deletions
diff --git a/engine/lib/database.php b/engine/lib/database.php index 03770f4bf..41c514b69 100644 --- a/engine/lib/database.php +++ b/engine/lib/database.php @@ -670,7 +670,10 @@ function get_data($query, $callback = "") {
- global $CONFIG, $dbcalls;
+ global $CONFIG, $dbcalls; + + if (!callpath_gatekeeper($CONFIG->path . "engine/", true, true)) + throw new DatabaseException("Access to privileged function 'get_data()' is denied.");
$dblink = get_db_link('read');
@@ -712,7 +715,10 @@ function get_data_row($query) {
- global $CONFIG, $dbcalls;
+ global $CONFIG, $dbcalls; + + if (!callpath_gatekeeper($CONFIG->path . "engine/", true, true)) + throw new DatabaseException("Access to privileged function 'get_data_row()' is denied.");
$dblink = get_db_link('read');
@@ -748,7 +754,10 @@ function insert_data($query) {
- global $dbcalls;
+ global $dbcalls; + + if (!callpath_gatekeeper($CONFIG->path . "engine/", true, true)) + throw new DatabaseException("Access to privileged function 'insert_data()' is denied.");
$dblink = get_db_link('write');
@@ -772,7 +781,10 @@ function update_data($query) {
- global $dbcalls;
+ global $dbcalls, $CONFIG; + + if (!callpath_gatekeeper($CONFIG->path . "engine/", true, true)) + throw new DatabaseException("Access to privileged function 'update_data()' is denied.");
$dblink = get_db_link('write');
@@ -797,7 +809,10 @@ function delete_data($query) {
- global $dbcalls;
+ global $dbcalls, $CONFIG; + + if (!callpath_gatekeeper($CONFIG->path . "engine/", true, true)) + throw new DatabaseException("Access to privileged function 'delete_data()' is denied.");
$dblink = get_db_link('write');
|