From 76dc65f2caaafd64e412c70ee667fd4123acbbe6 Mon Sep 17 00:00:00 2001
From: slef <slef>
Date: Wed, 3 Dec 2003 11:43:12 +0000
Subject: [PATCH] DBI fixes as part of bug 662

---
 C4/Circulation.pm | 20 ++++++++------------
 1 file changed, 8 insertions(+), 12 deletions(-)

diff --git a/C4/Circulation.pm b/C4/Circulation.pm
index a30ec952d2..829b849117 100755
--- a/C4/Circulation.pm
+++ b/C4/Circulation.pm
@@ -168,33 +168,29 @@ sub checkreserve{
   # does not look at constraints yet
   my ($env,$dbh,$itemnum)=@_;
   my $resbor = "";
-  my $query = "select * from reserves,items
-  where (items.itemnumber = '$itemnum')
+  my $sth = $dbh->prepare("select * from reserves,items
+  where (items.itemnumber = ?)
   and (items.biblionumber = reserves.biblionumber)
-  and (reserves.found is null) order by priority";
-  my $sth = $dbh->prepare($query);
-  $sth->execute();
+  and (reserves.found is null) order by priority");
+  $sth->execute($itemnum);
   if (my $data=$sth->fetchrow_hashref) {
     $resbor = $data->{'borrowernumber'};
   }
-  return ($resbor);
   $sth->finish;
+  return ($resbor);
 }
 
 sub checkwaiting{
   # check for reserves waiting
   my ($env,$dbh,$bornum)=@_;
   my @itemswaiting="";
-  my $query = "select * from reserves
-  where (borrowernumber = '$bornum')
-  and (reserves.found='W')";
-  my $sth = $dbh->prepare($query);
-  $sth->execute();
+  my $sth = $dbh->prepare("select * from reserves where (borrowernumber = ?) and (reserves.found='W')");
+  $sth->execute($bornum);
   if (my $data=$sth->fetchrow_hashref) {
     push @itemswaiting,$data->{'itemnumber'};
   }
-  return (\@itemswaiting);
   $sth->finish;
+  return (\@itemswaiting);
 }
 
 # FIXME - This is identical to &C4::Circulation/Main::scanbook
-- 
2.39.5