• Resolved neworleansradio

    (@neworleansradio)



    After the update of the plugin yesterday, I’m now getting the message “This SQL Query has not been allowed by an Administrator.” where the sqlgetvar code is on my site.

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Eli

    (@scheeeli)

    Yes, I just added this security feature to my plugin because apparently WordPress does not have any built-in security on shortcodes and any subscriber would be able to construct their own SQL query to do anything they want in your database. So now you have to copy the SQL in those sqlgetvar calls that you want to approve and you can then paste that SQL into a new report and save the report so that only the sqlgetvar calls that you have stored as reports will work.

    I hope that makes sense and you now understand why this extra step is necessary. Please let me know if you have any more questions.

    Thanks worked great

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Error Message’ is closed to new replies.