[Koha-bugs] [Bug 7013] required format is not enforced for authorized values

bugzilla-daemon at bugs.koha-community.org
Mon Dec 5 16:47:27 CET 2011


http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=7013

Chris Cormack <chris at bigballofwax.co.nz> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |chris at bigballofwax.co.nz

--- Comment #6 from Chris Cormack <chris at bigballofwax.co.nz> 2011-12-05 15:47:27 UTC ---
I agree with comment 3, this code is still vulnerable to SQL injection.

I will add a follow-up, but I would encourage all developers to fix any bad
coding practices like this that they see, as they change code. It is the
perfect opportunity and really, there is no good reason to ever not use SQL
placeholders.
