message of hacking atemp when i\'m trying a sql query inside other sql query

[fre3men]

Hello, (sorry for my english, is very poor )

   
I'm making an application (rooms for playing a Virtual boardgame of HeroQuest) and I need a deck with cards that can be discard.

This is the post of this program: http://foro.heroquest.es/index.php?topic=1112.0

id_carta is card ID

table of cartas_descartadas is other table that there are discards cards (their IDs)

Code Select Expand



//contamos el total de cartas disponibles
$result = db_query("
SELECT COUNT(id_carta) as count
FROM {$db_prefix}{$db_prefix2}cartas
WHERE visible = 1 AND id_version = {$version} AND id_formato = {$formato} AND id_mazo = 1
AND id_epoca <= {$epoca} AND id_carta NOT IN (
SELECT id_carta
FROM {$db_prefix}{$db_prefix2}cartas_descartadas
WHERE id_sesion = {$sesion}
)
ORDER BY id_carta ASC
", __FILE__, __LINE__);




The Hacking Atemp message is becasuse of this part (if I don't put this part, the program function correctly, but... also count  the discard cards):

Code Select Expand



AND id_carta NOT IN (
SELECT id_carta
FROM {$db_prefix}{$db_prefix2}cartas_descartadas
WHERE id_sesion = {$sesion}
)


I need this part because if the card is discard, not count.


Somebody know that happend? Are there other method for do a sql query inside in other in SMF?

Thanks for your time.

[niko]

Sub queries are disabled by default for security reasons.

It can be enabled by adding:

Code Select Expand

$modSettings['disableQueryCheck'] = true; (it will disable checking of queries)

before querie(s)

and Optionally

Code Select Expand

$modSettings['disableQueryCheck'] = false;

after queries to enable it again for rest of queries (Not required)

$modSettings must be in globals.

[fre3men]

Many thanks  , thanks for your reply. I can do this sub query .