aboutsummaryrefslogtreecommitdiff
path: root/engine/lib/database.php
diff options
context:
space:
mode:
Diffstat (limited to 'engine/lib/database.php')
-rw-r--r--engine/lib/database.php25
1 files changed, 20 insertions, 5 deletions
diff --git a/engine/lib/database.php b/engine/lib/database.php
index 03770f4bf..41c514b69 100644
--- a/engine/lib/database.php
+++ b/engine/lib/database.php
@@ -670,7 +670,10 @@
function get_data($query, $callback = "") {
- global $CONFIG, $dbcalls;
+ global $CONFIG, $dbcalls;
+
+ if (!callpath_gatekeeper($CONFIG->path . "engine/", true, true))
+ throw new DatabaseException("Access to privileged function 'get_data()' is denied.");
$dblink = get_db_link('read');
@@ -712,7 +715,10 @@
function get_data_row($query) {
- global $CONFIG, $dbcalls;
+ global $CONFIG, $dbcalls;
+
+ if (!callpath_gatekeeper($CONFIG->path . "engine/", true, true))
+ throw new DatabaseException("Access to privileged function 'get_data_row()' is denied.");
$dblink = get_db_link('read');
@@ -748,7 +754,10 @@
function insert_data($query) {
- global $dbcalls;
+ global $dbcalls;
+
+ if (!callpath_gatekeeper($CONFIG->path . "engine/", true, true))
+ throw new DatabaseException("Access to privileged function 'insert_data()' is denied.");
$dblink = get_db_link('write');
@@ -772,7 +781,10 @@
function update_data($query) {
- global $dbcalls;
+ global $dbcalls, $CONFIG;
+
+ if (!callpath_gatekeeper($CONFIG->path . "engine/", true, true))
+ throw new DatabaseException("Access to privileged function 'update_data()' is denied.");
$dblink = get_db_link('write');
@@ -797,7 +809,10 @@
function delete_data($query) {
- global $dbcalls;
+ global $dbcalls, $CONFIG;
+
+ if (!callpath_gatekeeper($CONFIG->path . "engine/", true, true))
+ throw new DatabaseException("Access to privileged function 'delete_data()' is denied.");
$dblink = get_db_link('write');