From 4b32d4f53179d64134e2d1e56cb0219ef5e59d77 Mon Sep 17 00:00:00 2001
From: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Date: Fri, 9 Aug 2024 09:56:11 +0000
Subject: [PATCH] Bug 37508: (QA follow-up) Use ->check_columns

Add shebang to Guided.t too.

Test plan:
See also previous commits.
Try sql like:
  select access_token from oauth_access_tokens

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
---
 C4/Reports/Guided.pm            | 12 +++---------
 t/db_dependent/Reports/Guided.t |  2 ++
 2 files changed, 5 insertions(+), 9 deletions(-)

diff --git a/C4/Reports/Guided.pm b/C4/Reports/Guided.pm
index 481eb0962e..1f1dd80ca2 100644
--- a/C4/Reports/Guided.pm
+++ b/C4/Reports/Guided.pm
@@ -624,15 +624,9 @@ sub execute_query {
 
     return ( $sth, { queryerr => $sth->errstr } ) if ( $sth->err );
 
-    if ( $sql =~ m/password/ ) {
-        return ( $sth, { passworderr => "Illegal column in SQL" } );
-    }
-
-    foreach my $column ( @{ $sth->{NAME_lc} } ) {
-        if ( $column eq 'password' ) {
-            return ( $sth, { passworderr => "Illegal column in results" } );
-        }
-    }
+    # Check if table.* contained forbidden column names
+    return ( $sth, { passworderr => "Illegal column in results" } )
+        if Koha::Report->new->check_columns( undef, $sth->{NAME_lc} );
 
     return ($sth);
 }
diff --git a/t/db_dependent/Reports/Guided.t b/t/db_dependent/Reports/Guided.t
index 18bd7763d2..e84ccc2e00 100755
--- a/t/db_dependent/Reports/Guided.t
+++ b/t/db_dependent/Reports/Guided.t
@@ -1,3 +1,5 @@
+#!/usr/bin/perl
+
 # Copyright 2012 Catalyst IT Ltd.
 # Copyright 2015 Koha Development team
 #
-- 
2.39.5