std::string content="";\r
std::string query="";\r
\r
- if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="execute" && queryvars.find("query")!=queryvars.end() && (*queryvars.find("query")).second!="")\r
+ if(queryvars.find("formaction")!=queryvars.end() && (*queryvars.find("formaction")).second=="execute" && queryvars.find("query")!=queryvars.end() && (*queryvars.find("query")).second!="" && ValidateFormPassword(queryvars))\r
{\r
query=(*queryvars.find("query")).second;\r
SQLite3DB::Recordset rs=m_db->Query(query);\r
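Review bot: On the new `if` line, `ValidateFormPassword(queryvars)` is the last term of a single `&&` chain, so a request that carries `formaction=execute` and a query but a missing or stale token falls through exactly like a request with no query at all. Because the accepted branch hands the submitted text straight to `m_db->Query(query)`, a rejected token deserves its own path: keep the formaction/query tests in the outer condition and nest `if(!ValidateFormPassword(queryvars))` inside it to record the rejection and add a short message to `content`, with the existing body in the `else`. The logging call to use is not visible here, and the block opened by `{` closes outside this hunk, so this applies to the full function rather than to these lines alone.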
\r
content+="<h2>Execute Query</h2>";\r
content+="<form name=\"frmquery\" method=\"POST\">";\r
+ content+=CreateFormPassword();\r
content+="<input type=\"hidden\" name=\"formaction\" value=\"execute\">";\r
content+="<textarea name=\"query\" rows=\"10\" cols=\"80\">"+StringFunctions::Replace(query,"<","<")+"</textarea>";\r
content+="<input type=\"submit\" value=\"Execute Query\">";\r
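Review bot: The textarea line just below the added `content+=CreateFormPassword();` echoes the submitted query with only `<` handled, and as rendered on this page the call is `Replace(query,"<","<")`, which changes nothing. That may be the page decoding `&lt;`, so check the file; if the literal really is `"<"`, a query containing a closing textarea tag is written into the form as markup, next to the token this commit adds. Either way `&` is left alone, so a query containing `&lt;` comes back altered when it is re-edited; escaping `&` first fixes both: `StringFunctions::Replace(StringFunctions::Replace(query,"&","&amp;"),"<","&lt;")`. The form continues past the end of this hunk.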