[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SF.net SVN: ledger-smb:[2468] trunk/LedgerSMB/DBObject.pm

Subject: SF.net SVN: ledger-smb:[2468] trunk/LedgerSMB/DBObject.pm
From: ..hidden..
Date: Fri, 27 Feb 2009 01:11:41 +0000

Revision: 2468
          http://ledger-smb.svn.sourceforge.net/ledger-smb/?rev=2468&view=rev
Author:   einhverfr
Date:     2009-02-27 01:11:41 +0000 (Fri, 27 Feb 2009)

Log Message:
-----------
Correcting security issue with ordering API

Modified Paths:
--------------
    trunk/LedgerSMB/DBObject.pm

Modified: trunk/LedgerSMB/DBObject.pm
===================================================================
--- trunk/LedgerSMB/DBObject.pm	2009-02-27 01:03:17 UTC (rev 2467)
+++ trunk/LedgerSMB/DBObject.pm	2009-02-27 01:11:41 UTC (rev 2468)
@@ -89,7 +89,8 @@
 
 sub set_ordering {
     my ($self, $args) = @_;
-    $self->{_order_method}->{$args->{method}} = $args->{column};
+    $self->{_order_method}->{$args->{method}} = 
+		$self->{dbh}->quote_identifier($args->{column});
 }
 
 sub exec_method {


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.

Prev by Date: SF.net SVN: ledger-smb:[2467] trunk/UI/reconciliation/report.html
Next by Date: SF.net SVN: ledger-smb:[2469] trunk/scripts/recon.pl
Previous by thread: SF.net SVN: ledger-smb:[2467] trunk/UI/reconciliation/report.html
Next by thread: SF.net SVN: ledger-smb:[2469] trunk/scripts/recon.pl
Index(es):
- Date
- Thread