From 39c0b9e356eb3cd623b10bfbb8b97570b38932c8 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Tue, 6 May 2014 10:44:15 +0200
Subject: [PATCH] Merge 2 tests. Remove checkstyle errors.

---
 htdocs/main.inc.php | 17 ++++++++---------
 1 file changed, 8 insertions(+), 9 deletions(-)

diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
index c27484ad89b..a2ef6752513 100644
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -80,15 +80,14 @@ function test_sql_and_script_inject($val, $type)
     // For SQL Injection (only GET and POST are used to be included into bad escaped SQL requests)
     if ($type != 2)
     {
-        $sql_inj += preg_match('/delete\s+from/i'	, $val);
-        $sql_inj += preg_match('/create\s+table/i'	, $val);
-        $sql_inj += preg_match('/update.+set.+=/i'	, $val);
-        $sql_inj += preg_match('/insert\s+into/i'	, $val);
-        $sql_inj += preg_match('/select.+from/i'	, $val);
-        $sql_inj += preg_match('/union.+select/i'	, $val);
-        $sql_inj += preg_match('/into\s+outfile/i'	, $val);
-        $sql_inj += preg_match('/into\s+dumpfile/i'	, $val);
-        $sql_inj += preg_match('/(\.\.%2f)+/i'		, $val);
+        $sql_inj += preg_match('/delete\s+from/i',	 $val);
+        $sql_inj += preg_match('/create\s+table/i',	 $val);
+        $sql_inj += preg_match('/update.+set.+=/i',  $val);
+        $sql_inj += preg_match('/insert\s+into/i', 	 $val);
+        $sql_inj += preg_match('/select.+from/i', 	 $val);
+        $sql_inj += preg_match('/union.+select/i', 	 $val);
+        $sql_inj += preg_match('/into\s+(outfile|dumpfile)/i',  $val);
+        $sql_inj += preg_match('/(\.\.%2f)+/i',		 $val);
     }
     // For XSS Injection done by adding javascript with script
     // This is all cases a browser consider text is javascript:
-- 
GitLab