Internal Server Error - SQL Injection detected!

When editing or saving a form that always worked with chronoform 3 (database with mysql 5) if the form code contains php code like:

$db =& JFactory::getDBO();
$query = "SELECT `field` FROM `#__chronoforms_form_myform` ORDER BY `cf_id` DESC";
$db->setQuery($query);

we have immediatly an error when saving, applying or even aborting form modification. The error is:

500 - An error has occurred.

Internal Server Error - SQL Injection detected!

Thanks for any help.

paolo

Hi paolo,

It looks as though you have an over-enthusiastic spam-checker running somewhere on your site or server. You may need to find it and add some white-list settings.

Bob