Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity

Bug 37508: (follow-up) Don't pass the column or sql containing password

Browse source 
This patch replaces these variables with a non-translatable message.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This commit is contained in:
Aleisha Amohia 2024-08-08 23:53:47 +00:00 committed by Katrin Fischer
parent 2d1f58242b
commit ed6cb0f274
Signed by: kfischer
GPG key ID: 0EF6E2C03357A834
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
C4/Reports/Guided.pm
View file

@ -625,12 +625,12 @@ sub execute_query {
return ( $sth, { queryerr => $sth->errstr } ) if ( $sth->err );
if ( $sql =~ m/password/ ) {
return ( $sth, { passworderr => $sql } );
return ( $sth, { passworderr => "Illegal column in SQL" } );
}
foreach my $column ( @{ $sth->{NAME_lc} } ) {
if ( $column eq 'password' ) {
return ( $sth, { passworderr => $column } );
return ( $sth, { passworderr => "Illegal column in results" } );
}
}