oqapi/webgui
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Added missing quotes in SQL queries.

Browse source
This commit is contained in:
Leendert Bottelberghs 2004-08-12 12:53:11 +00:00
parent b035ff63f5
commit 9f3de99946
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
lib/WebGUI/Forum/UI.pm
View file

@ -1096,7 +1096,7 @@ sub getForumTemplateVars {
$var{"thread.replies.label"} = WebGUI::International::get(1016);
$var{'thread.rating.label'} = WebGUI::International::get(1020);
$var{"thread.last.label"} = WebGUI::International::get(1017);
my $query = "select * from forumThread where forumId=".$forum->get("forumId")." and ";
my $query = "select * from forumThread where forumId=".quote($forum->get("forumId"))." and ";
if ($forum->isModerator) {
$query .= "(status='approved' or status='pending')";
} else {