From 26a74ba3cc6f08f07e2b2cfe444c68125339b991 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur
Date: Tue, 19 May 2015 22:08:51 +0200
Subject: [PATCH] Add constant to allow a module to disable injection scan for its pages.
---
 htdocs/main.inc.php | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
index ebad59202cc..841cea51cd0 100644
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -151,13 +151,16 @@ if (! empty($_SERVER["PHP_SELF"]))
 analyseVarsForSqlAndScriptsInjection($morevaltochecklikepost,2);
 }
 // Sanity check on GET parameters
-if (! empty($_SERVER["QUERY_STRING"]))
+if (! defined('NOSCANGETFORINJECTION') && ! empty($_SERVER["QUERY_STRING"]))
 {
 $morevaltochecklikeget=array($_SERVER["QUERY_STRING"]);
 analyseVarsForSqlAndScriptsInjection($morevaltochecklikeget,1);
 }
 // Sanity check on POST
-analyseVarsForSqlAndScriptsInjection($_POST,0);
+if (! defined('NOSCANPOSTFORINJECTION'))
+{
+ analyseVarsForSqlAndScriptsInjection($_POST,0);
+}
 // This is to make Dolibarr working with Plesk
 if (! empty($_SERVER['DOCUMENT_ROOT'])) set_include_path($_SERVER['DOCUMENT_ROOT'].'/htdocs');
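Review bot: Both new guards test only `defined()`, so a page that declares `define('NOSCANPOSTFORINJECTION', 0)` intending to keep the scan still switches it off; checking the value as well, e.g. `if (! (defined('NOSCANPOSTFORINJECTION') && NOSCANPOSTFORINJECTION))` (and the same for `NOSCANGETFORINJECTION`), would make the opt-out explicit. The opt-out is also all-or-nothing per request: once the constant is defined, no query string or POST field on that page passes through `analyseVarsForSqlAndScriptsInjection`, so the page becomes solely responsible for validating and escaping its input. I would state that at the check, e.g. `// NOSCAN*FORINJECTION: page opts out of the global scan and must validate/escape every parameter itself`. The body of `analyseVarsForSqlAndScriptsInjection` is outside this hunk, so what the scan actually rejects cannot be confirmed from here.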