timhunt
commented
2 years ago Correct. This is a security feature. (And one we know is liable to have false positives, but better safe than sorry.)
If you need to do this, do something like WHERE email = CONCAT('gran', 't.smith@test.com')
Or, put in the email address using a placeholder.
Hi,
I just used this plugin and found one query couldn't be saved and run.
Error shows:
You are not allowed to use the words ALTER, CREATE, DELETE, DROP, GRANT, INSERT, INTO, TRUNCATE, UPDATE in the SQL.I checked the query and found there is 'grant' in the where clause. The query is something like:
SELECT * FROM {user} WHERE email = 'grant.smith@test.com'