From ddba456f67e5072ece263a754af807a04f507621 Mon Sep 17 00:00:00 2001 From: Adrien Saurat Date: Tue, 17 Jan 2012 12:00:32 +0100 Subject: [PATCH] Bug 7450: missing placeholders in authorised_values.pl Signed-off-by: Katrin Fischer Successfully added, edited and deleted authorised values. No problems found. (cherry picked from commit f0a660093442941ee11c0c2fe11402eebfa45a01) Signed-off-by: Chris Nighswonger --- admin/authorised_values.pl | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/admin/authorised_values.pl b/admin/authorised_values.pl index d7872d649a..f5dbc4648c 100755 --- a/admin/authorised_values.pl +++ b/admin/authorised_values.pl @@ -104,13 +104,13 @@ if ($op eq 'add_form') { my $duplicate_entry = 0; if ( $id ) { # Update - my $sth = $dbh->prepare( "SELECT category, authorised_value FROM authorised_values WHERE id='$id' "); - $sth->execute(); + my $sth = $dbh->prepare( "SELECT category, authorised_value FROM authorised_values WHERE id = ? "); + $sth->execute($id); my ($category, $authorised_value) = $sth->fetchrow_array(); if ( $authorised_value ne $new_authorised_value ) { my $sth = $dbh->prepare_cached( "SELECT COUNT(*) FROM authorised_values " . - "WHERE category = '$new_category' AND authorised_value = '$new_authorised_value' and id<>$id"); - $sth->execute(); + "WHERE category = ? AND authorised_value = ? and id <> ? "); + $sth->execute($new_category, $new_authorised_value, $id); ($duplicate_entry) = $sth->fetchrow_array(); warn "**** duplicate_entry = $duplicate_entry"; } @@ -133,8 +133,8 @@ if ($op eq 'add_form') { } else { # Insert my $sth = $dbh->prepare_cached( "SELECT COUNT(*) FROM authorised_values " . - "WHERE category = '$new_category' AND authorised_value = '$new_authorised_value' "); - $sth->execute(); + "WHERE category = ? AND authorised_value = ? "); + $sth->execute($new_category, $new_authorised_value); ($duplicate_entry) = $sth->fetchrow_array(); unless ( $duplicate_entry ) { my $sth=$dbh->prepare( 'INSERT INTO authorised_values -- 2.39.5