include

phpcompta-dev Mon, 25 Apr 2011 14:10:56 -0700

Author: danydb
Date: 2011-04-25 22:35:36 +0200 (Mon, 25 Apr 2011)
New Revision: 4071


Modified:
   phpcompta/trunk/include/class_fiche.php
Log:
protect sql


Modified: phpcompta/trunk/include/class_fiche.php
===================================================================
--- phpcompta/trunk/include/class_fiche.php     2011-04-25 20:35:15 UTC (rev 
4070)
+++ phpcompta/trunk/include/class_fiche.php     2011-04-25 20:35:36 UTC (rev 
4071)
@@ -1031,8 +1031,8 @@
      */
     function get_quick_code()
     {
-        $sql="select ad_value from fiche_detail where ad_id=23 and 
f_id=".$this->id;
-        $Res=$this->cn->exec_sql($sql);
+        $sql="select ad_value from fiche_detail where ad_id=23 and f_id=$1";
+        $Res=$this->cn->exec_sql($sql,array($this->id));
         $r=Database::fetch_all($Res);
         if ( sizeof($r) == 0 )
             return null;


_______________________________________________
Phpcompta-dev mailing list
[email protected]
https://lists.nongnu.org/mailman/listinfo/phpcompta-dev

[Phpcompta-dev] r4071 - phpcompta/trunk/include

Reply via email to