Closed TomoTsuyuki closed 2 years ago
Correct. This is a security feature. (And one we know is liable to have false positives, but better safe than sorry.)
If you need to do this, do something like WHERE email = CONCAT('gran', 't.smith@test.com')
Or, put in the email address using a placeholder.
Hi,
I just used this plugin and found one query couldn't be saved and run.
Error shows:
You are not allowed to use the words ALTER, CREATE, DELETE, DROP, GRANT, INSERT, INTO, TRUNCATE, UPDATE in the SQL.
I checked the query and found there is 'grant' in the where clause. The query is something like:
SELECT * FROM {user} WHERE email = 'grant.smith@test.com'