From 85eff780aec5a37ea7fda0300bdb9b03b6fee537 Mon Sep 17 00:00:00 2001
From: tipaul <tipaul>
Date: Sat, 25 Oct 2003 08:50:39 +0000
Subject: [PATCH] bugfix : use of '$var' instead of ? in sql statement

---
 value_builder/unimarc_field_700_701_702.pl | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/value_builder/unimarc_field_700_701_702.pl b/value_builder/unimarc_field_700_701_702.pl
index d0009ce600..dd899d01ab 100644
--- a/value_builder/unimarc_field_700_701_702.pl
+++ b/value_builder/unimarc_field_700_701_702.pl
@@ -121,8 +121,8 @@ sub plugin {
 	}
 	if ($search_string) {
 	#	my $sti=$dbh->prepare("select id,freelib from bibliothesaurus where freelib like '".$search_string."%' and category ='$category'");
-		my $sti=$dbh->prepare("select id,freelib from bibliothesaurus where match (category,freelib) AGAINST ('$search_string') and category ='NP'");
-		$sti->execute;
+		my $sti=$dbh->prepare("select id,freelib from bibliothesaurus where match (category,freelib) AGAINST (?) and category ='NP'");
+		$sti->execute($search_string);
 		while (my $line=$sti->fetchrow_hashref) {
 			$stdlib{$line->{'id'}} = "$line->{'freelib'}";
 			push(@freelib,$line->{'id'});
-- 
2.20.1