]> git.koha-community.org Git - koha.git/commit
Bug 1953: refactoring C4::Koha::get_itemtypeinfos_of to eliminate potential SQL injection
authorAndrew Moore <andrew.moore@liblime.com>
Fri, 25 Jul 2008 20:31:11 +0000 (15:31 -0500)
committerJoshua Ferraro <jmf@liblime.com>
Sun, 27 Jul 2008 11:11:18 +0000 (06:11 -0500)
commit8b679f8d814974f5ddd4a410474267af2fa30fe5
treed3b378a399c314b515e7e13157cf325e37d0b8a8
parentac0d340bd5d5f009fdd07b9db2095b3980a31500
Bug 1953: refactoring C4::Koha::get_itemtypeinfos_of to eliminate potential SQL injection

C4::Koha::get_itemtypeinfos_of was not using plceholders, opening itself up to
potential SQL injection attacks. This patch refactors it to use placeholders to
bind parameters.
I also had to extend C4::koha::get_infos_of to allow us to pass bind parameters into it.
I'm including a test module for C4::Koha::get_itemtypeinfos_of.

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
C4/Koha.pm
t/lib/KohaTest/Koha/get_itemtypeinfos_of.pm [new file with mode: 0644]