From d1637d34b53d1697ff6821fd09ccadfda412f39f Mon Sep 17 00:00:00 2001
From: amillar <amillar>
Date: Tue, 28 May 2002 20:39:40 +0000
Subject: [PATCH] Change DBI execut on some queries to bound parameters, to
 eliminate run-time errors on empty variables

---
 C4/Search.pm | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/C4/Search.pm b/C4/Search.pm
index d98b25fba3..f40d1a0e27 100755
--- a/C4/Search.pm
+++ b/C4/Search.pm
@@ -891,9 +891,9 @@ sub subject {
 sub addauthor {
   my ($bibnum)=@_;
   my $dbh=C4Connect;
-  my $query="Select * from additionalauthors where biblionumber=$bibnum";
+  my $query="Select * from additionalauthors where biblionumber=?";
   my $sth=$dbh->prepare($query);
-  $sth->execute;
+  $sth->execute($bibnum);
   my @results;
   my $i=0;
   while (my $data=$sth->fetchrow_hashref){
@@ -908,9 +908,9 @@ sub addauthor {
 sub subtitle {
   my ($bibnum)=@_;
   my $dbh=C4Connect;
-  my $query="Select * from bibliosubtitle where biblionumber=$bibnum";
+  my $query="Select * from bibliosubtitle where biblionumber=?";
   my $sth=$dbh->prepare($query);
-  $sth->execute;
+  $sth->execute($bibnum);
   my @results;
   my $i=0;
   while (my $data=$sth->fetchrow_hashref){
-- 
2.39.5