From 89cf013a6fadcb1347151798f3fdab0d8c75cd15 Mon Sep 17 00:00:00 2001
From: Robin Sheat <robin@catalyst.net.nz>
Date: Tue, 16 Jul 2013 02:06:40 +1200
Subject: [PATCH] Bug 10590 - parameterise the limit option

The limit option was previously substituted directly into the query. The
previous patch on bug 10590 filters it on input, but there's no reason
not to have it made to work properly in the query for added safety.

To test:

[1] Go to the top checkouts report (http://OPAC/cgi-bin/koha/opac-topissues.pl)
[2] Run the report several times, varying the filters on
    number of results and item type.
[3] Verify the the list of top checkouts appears to be correct.

Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
---
 opac/opac-topissues.pl | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/opac/opac-topissues.pl b/opac/opac-topissues.pl
index 41d7c844a0..96b0c8f2f5 100755
--- a/opac/opac-topissues.pl
+++ b/opac/opac-topissues.pl
@@ -82,7 +82,7 @@ if($advanced_search_types eq 'ccode'){
                     GROUP BY biblio.biblionumber
                     HAVING tot >0
                     ORDER BY tot DESC
-                    LIMIT $limit
+                    LIMIT ?
                     ";
     $template->param(ccodesearch => 1);
 }else{
@@ -107,13 +107,13 @@ if($advanced_search_types eq 'ccode'){
                     GROUP BY biblio.biblionumber
                     HAVING tot >0
                     ORDER BY tot DESC
-                    LIMIT $limit
+                    LIMIT ?
                     ";
      $template->param(itemtypesearch => 1);
 }
 
 my $sth = $dbh->prepare($query);
-$sth->execute();
+$sth->execute($limit);
 my @results;
 while (my $line= $sth->fetchrow_hashref) {
     push @results, $line;
-- 
2.39.2