Title: Advanced Data Table – unsafe SQL Last modified: January 3, 2022 --- # Advanced Data Table – unsafe SQL * Resolved [martin4nbi](https://wordpress.org/support/users/martin4nbi/) * (@martin4nbi) * [4 years, 5 months ago](https://wordpress.org/support/topic/advanced-data-table-unsafe-sql/) * Hello… * For your Advanced Data Table widget, if I configure it with Source = “Database”,“ Select Query” = “MySQL Query”, and then enter a MySQL Query like `DROP TABLE wp_posts;`, what will happen? Will the table be dropped? * Also, on a multisite network, is there any mechanism to prevent an author on one site from querying tables on a different site on the multisite network. Or any protection against writing an `INSERT`, `UPDATE`, `DROP TABLE` or similar potentially damaging SQL as the MySQL query? Viewing 8 replies - 1 through 8 (of 8 total) * Plugin Support [AR Rasel](https://wordpress.org/support/users/arrasel403/) * (@arrasel403) * [4 years, 4 months ago](https://wordpress.org/support/topic/advanced-data-table-unsafe-sql/#post-15216423) * Hi [@martin4nbi](https://wordpress.org/support/users/martin4nbi/), * Sorry for the inconvenience caused and the late reply. Once you have run the DROP SQL query then the Table will be dropped. * And currently, we don’t have an option for preventing the author or any users from adding SQL queries. Once any SQL query will add then that will work. * Hope you understand. Thanks! * Thread Starter [martin4nbi](https://wordpress.org/support/users/martin4nbi/) * (@martin4nbi) * [4 years, 4 months ago](https://wordpress.org/support/topic/advanced-data-table-unsafe-sql/#post-15220659) * Wow, so the “Advanced Data Table” is potentially **very** dangerous. * Is it disabled by default when you activate your plugin? Have you warned about this potential danger in the documentation? * Plugin Support [AR Rasel](https://wordpress.org/support/users/arrasel403/) * (@arrasel403) * [4 years, 4 months ago](https://wordpress.org/support/topic/advanced-data-table-unsafe-sql/#post-15227790) * Hi [@martin4nbi](https://wordpress.org/support/users/martin4nbi/), * Actually, this is not dangerous. This SQL command can run only by site Admin. Or if you give role permission for editing the Page with Elementor. The users who have permission for editing Elementor pages. They can do it easily after login into the dashboard. So you need to restrict accordingly for the Elementor page editing option. * Moreover, as this is a pro feature, according to the WordPress rules we can’t discuss more this here. If you have any other queries please reach us [here](https://wpdeveloper.com/support). * Our team will help you. Don’t worry. Thanks! * Thread Starter [martin4nbi](https://wordpress.org/support/users/martin4nbi/) * (@martin4nbi) * [4 years, 4 months ago](https://wordpress.org/support/topic/advanced-data-table-unsafe-sql/#post-15230790) * The **Advanced Data Table** is listed as **#36** under the heading “**50+ _FREE_ WIDGETS AND COUNTING**” on your [main EAEL WordPress plugin page here](https://wordpress.org/plugins/essential-addons-for-elementor-lite/).( It is **not** listed under the “**MORE ELEMENTS (35+) ON _PREMIUM_ VERSION**” section.) Is that page incorrect? * This widget **is** dangerous. **Any** page author allowed to use Elementor can use the **Advanced Data Table**. I have verified this in my testing. That’s why I asked if the **Advanced Data Table** widget is **enabled** by default. Could you please reply to that? - This reply was modified 4 years, 4 months ago by [martin4nbi](https://wordpress.org/support/users/martin4nbi/). * Plugin Support [AR Rasel](https://wordpress.org/support/users/arrasel403/) * (@arrasel403) * [4 years, 4 months ago](https://wordpress.org/support/topic/advanced-data-table-unsafe-sql/#post-15238928) * Hi [@martin4nbi](https://wordpress.org/support/users/martin4nbi/), * Actually, in the Advanced-Data Table widget, some features are free and some are Pro. Check this [screenshot](https://d.pr/i/p1wuhl). Here read-mark four features are our Pro feature and the rest two are the free features. * As this widget has a free feature that’s why we kept it in the Free widget section. And you are asking for the Pro feature. * However, thanks for your valuable suggestions. I will discuss this with our Dev Team. Hopefully, we will fix this issue in our upcoming few releases. Once we have fixed this issue, we’ll inform you. Please allow us time. * Have a good day! * Thread Starter [martin4nbi](https://wordpress.org/support/users/martin4nbi/) * (@martin4nbi) * [4 years, 4 months ago](https://wordpress.org/support/topic/advanced-data-table-unsafe-sql/#post-15256250) * Thank you for the update Rasel. * At a minimum, it would be prudent for the Dev Team to validate the SQL expression and only allow “SELECT” statements, which is a simple thing to do. That would prevent destructive actions. (But it would not prevent queries of data from other sites in a multi-site network.) * As it is right now, I think that any “author” with access to the “pro” version could wreak havoc even if they don’t have full permission to publish their own posts, because they can use the post “preview” feature to execute the SQL and view the page. * Plugin Author [Rafin](https://wordpress.org/support/users/rafinkhan/) * (@rafinkhan) * [4 years, 4 months ago](https://wordpress.org/support/topic/advanced-data-table-unsafe-sql/#post-15266777) * [@martin4nbi](https://wordpress.org/support/users/martin4nbi/), * Hi, there. We have pushed a new update today for EA Advanced Data Table widget which will take care of the issue you have reported. * Thank you! * Thread Starter [martin4nbi](https://wordpress.org/support/users/martin4nbi/) * (@martin4nbi) * [4 years, 4 months ago](https://wordpress.org/support/topic/advanced-data-table-unsafe-sql/#post-15275114) * Thank you. I appreciate the quick update. I’ve upgraded to the latest version. Viewing 8 replies - 1 through 8 (of 8 total) The topic ‘Advanced Data Table – unsafe SQL’ is closed to new replies. * ![](https://ps.w.org/essential-addons-for-elementor-lite/assets/icon-256x256. gif?rev=3182943) * [Essential Addons for Elementor - Popular Elementor Templates & Widgets](https://wordpress.org/plugins/essential-addons-for-elementor-lite/) * [Frequently Asked Questions](https://wordpress.org/plugins/essential-addons-for-elementor-lite/#faq) * [Support Threads](https://wordpress.org/support/plugin/essential-addons-for-elementor-lite/) * [Active Topics](https://wordpress.org/support/plugin/essential-addons-for-elementor-lite/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/essential-addons-for-elementor-lite/unresolved/) * [Reviews](https://wordpress.org/support/plugin/essential-addons-for-elementor-lite/reviews/) * 8 replies * 3 participants * Last reply from: [martin4nbi](https://wordpress.org/support/users/martin4nbi/) * Last activity: [4 years, 4 months ago](https://wordpress.org/support/topic/advanced-data-table-unsafe-sql/#post-15275114) * Status: resolved