took additional measures to prevent sql injection

2004-05-02 16:15:33 +00:00 · 2004-05-02 16:15:33 +00:00 · a293678acd
commit a293678acd
parent 045997bc93
10 changed files with 29 additions and 32 deletions
--- a/lib/WebGUI/Wobject.pm
+++ b/lib/WebGUI/Wobject.pm
@ -1479,7 +1479,7 @@ sub www_paste {
 					."templatePosition=1, "
 					."sequenceNumber=". $nextSeq .", "
                            		."bufferUserId=NULL, bufferDate=NULL, bufferPrevId=NULL "
-					."WHERE wobjectId=". $session{form}{wid} );
+					."WHERE wobjectId=".$_[0]->get("wobjectId"));
                return "";
        } else {
                return WebGUI::Privilege::insufficient();