As of DocuWare version 7.13, a validation mechanism has been introduced for user-defined freeSQL statements used within List and Index Profiles in the File Cabinet settings.
Upon saving, these SQL statements are now checked for:
- Syntax validity
- Usage of restricted SQL commands
The list of all restricted SQL commands is:
ALTER
BEGIN
BACKUP
BULK
COMMIT
CREATE
DECLARE
DELETE
DENY
DROP
EXEC
EXECUTE
GRANT
GOTO
INSERT
KILL
OPENDATASOURCE
OPENROWSET
PROC
PROCEDURE
RAISERROR
RECONFIGURE
RESTORE
RESTRICT
REVOKE
ROLLBACK
SAVE
SHUTDOWN
SYSTEMUSER
TRAN
TRANSACTION
TRUNCATE
UPDATE
UNION
WAITFOR
REVERT
MERGE
This KBA is applicable to both Cloud and On-Premise Organizations.