[Koha-bugs] [Bug 9454] NewBasket does not use placeholders in sql

[bugzilla-daemon at bugs.koha-community.org]

http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9454

Katrin Fischer <katrin.fischer at bsz-bw.de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #14924|0                           |1
        is obsolete|                            |

--- Comment #7 from Katrin Fischer <katrin.fischer at bsz-bw.de> ---
Created attachment 15282
  -->
http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=15282&action=edit
Bug 9454: Use placeholders when adding basket

Should always use placeholders when passing variables
to DBI; avoids unforeseen bugs and security issues.

Also:

- reformated the long lists of parameters to add CR
- moved the setting of defaults out of the call to ModBasket to
  clarify code
- Setting parameters to undef if they were not defined
  was unnecessary bloat and obscuration

Testing:
Patch should not change functional behaviour. To test check that
order baskets can still be correctly created.

Signed-off-by: Galen Charlton <gmc at esilibrary.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83 at web.de>
All tests and QA script pass.
Created a new basket, added order lines and closed basket.
Checked everything worked in the staff interface, also checked
the entry for the new basket in aqbasket in the database.
Logs are clean too.

-- 
You are receiving this mail because:
You are watching all bug changes.