8b679f8d81
C4::Koha::get_itemtypeinfos_of was not using plceholders, opening itself up to potential SQL injection attacks. This patch refactors it to use placeholders to bind parameters. I also had to extend C4::koha::get_infos_of to allow us to pass bind parameters into it. I'm including a test module for C4::Koha::get_itemtypeinfos_of. Signed-off-by: Joshua Ferraro <jmf@liblime.com> |
||
---|---|---|
.. | ||
KohaTest | ||
KohaTest.pm |