Patch for "master" branch: https://reviews.mahara.org/10395
-- You received this bug notification because you are a member of Mahara Contributors, which is subscribed to Mahara. Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it! https://bugs.launchpad.net/bugs/1846653 Title: Need to correctly escape some plans sql queries Status in Mahara: In Progress Bug description: Some of the SQL queries in artefact/plans/tools/ directory rely on sprintf substitution. This is bad as it breaks for things like values with single quote as part of the string. We should do these SQL queries with the normal placeholder substitution to avoid this breakage and potential security hole. To manage notifications about this bug go to: https://bugs.launchpad.net/mahara/+bug/1846653/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~mahara-contributors Post to : [email protected] Unsubscribe : https://launchpad.net/~mahara-contributors More help : https://help.launchpad.net/ListHelp
