[Koha-bugs] [Bug 7013] required format is not enforced for authorized values
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Dec 5 11:17:25 CET 2011
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=7013
--- Comment #3 from Frère Sébastien Marie <semarie-koha at latrappe.fr> 2011-12-05 10:17:25 UTC ---
Comment on attachment 6577
--> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=6577
proposed patch
This patch is vulnerable to SQL injection.
Please use placeholders in SQL query (using prepare/execute), instead of
$variable.
--
Configure bugmail: http://bugs.koha-community.org/bugzilla3/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA Contact for the bug.
You are watching all bug changes.
More information about the Koha-bugs
mailing list