[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Noalyss-commit] [noalyss] 02/06: Protect SQL , utilisation de bind vari
|
From: |
Dany De Bontridder |
|
Subject: |
[Noalyss-commit] [noalyss] 02/06: Protect SQL , utilisation de bind variable |
|
Date: |
Thu, 18 Feb 2021 15:50:08 -0500 (EST) |
sparkyx pushed a commit to branch master
in repository noalyss.
commit 9d6cb61886b0efa4e0bd195534058093bad9c4c7
Author: sparkyx <danydb@noalyss.eu>
AuthorDate: Thu Feb 11 10:50:34 2021 +0100
Protect SQL , utilisation de bind variable
---
include/class/fiche.class.php | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/include/class/fiche.class.php b/include/class/fiche.class.php
index 3405c94..7c12578 100644
--- a/include/class/fiche.class.php
+++ b/include/class/fiche.class.php
@@ -193,10 +193,10 @@ class Fiche
fiche
natural join fiche_detail
join jnt_fic_attr on (jnt_fic_attr.fd_id=fiche.fd_id and
fiche_detail.ad_id=jnt_fic_attr.ad_id)
- join attr_def on (attr_def.ad_id=fiche_detail.ad_id) where
f_id=".$this->id.
+ join attr_def on (attr_def.ad_id=fiche_detail.ad_id) where
f_id=$1".
" order by jnt_order";
- $Ret=$this->cn->exec_sql($sql);
+ $Ret=$this->cn->exec_sql($sql,[$this->id]);
if ( ($Max=Database::num_row($Ret)) == 0 )
return ;
for ($i=0;$i<$Max;$i++)
- [Noalyss-commit] [noalyss] branch master updated (79ecb68 -> faaeb16), Dany De Bontridder, 2021/02/18
- [Noalyss-commit] [noalyss] 02/06: Protect SQL , utilisation de bind variable,
Dany De Bontridder <=
- [Noalyss-commit] [noalyss] 03/06: documentation, Dany De Bontridder, 2021/02/18
- [Noalyss-commit] [noalyss] 04/06: Manage_Table_SQL : flag to display a dynamic filter on the top of the table, default yes, Dany De Bontridder, 2021/02/18
- [Noalyss-commit] [noalyss] 06/06: Cosmetic Document Option, Dany De Bontridder, 2021/02/18
- [Noalyss-commit] [noalyss] 01/06: Cosmetic, Dany De Bontridder, 2021/02/18
- [Noalyss-commit] [noalyss] 05/06: Update doc, Dany De Bontridder, 2021/02/18