[Koha-bugs] [Bug 9293] action_logs not tracking payments

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Thu Feb 7 01:47:17 CET 2013 

http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9293

Galen Charlton <gmcharlt at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|Needs Signoff               |Failed QA
                 CC|                            |gmcharlt at gmail.com

--- Comment #8 from Galen Charlton <gmcharlt at gmail.com> ---
The patch has a *lot* of extraneous whitespace changes.  If you want to clean
up whitespace in C4/Accounts.pm as part of this patch series, please break it
up into two patches so that your functionality change (adding FinesLog) can be
evaluated separately from whitespace cleanup.

Also, the patch includes this:

@@ -396,19 +460,37 @@ sub manualinvoice {

     if ( $itemnum ) {
         $desc .= ' ' . $itemnum;
-        my $sth = $dbh->prepare(
-            'INSERT INTO  accountlines
-                        (borrowernumber, accountno, date, amount, description,
accounttype, amountoutstanding, itemnumber,notify_
-        VALUES (?, ?, now(), ?,?, ?,?,?,?,?,?)');
-     $sth->execute($borrowernumber, $accountno, $amount, $desc, $type,
$amountleft, $itemnum,$notifyid, $note, $manager_id) || re
-  } else {
-    my $sth=$dbh->prepare("INSERT INTO  accountlines
+        my $sth = $dbh->prepare("
+            INSERT INTO  accountlines
+            (borrowernumber, accountno, date, amount, description,
accounttype, amountoutstanding, itemnumber,notify_id, note, ma
+            VALUES (?, ?, now(), ?,?, ?,?,?,?,?,?)
+        ");
+        $sth->execute($borrowernumber, $accountno, $amount, $desc, $type,
$amountleft, $itemnum,$notifyid, $note, $manager_id) ||
+    } else {
+        my $sth=$dbh->prepare("
+            INSERT INTO  accountlines

I really wish that whatever is going on here wasn't changing the single quotes
to double quotes in the $dbh->prepare() statement -- that makes it marginally
more vulnerable to an SQL injection if somebody slips up and introduces a
variable inside the quotes.

-- 
You are receiving this mail because:
You are watching all bug changes.

More information about the Koha-bugs mailing list