
Preventing SQL Injections

Merged Uma requested to merge uma.s/vtigercrm:Security_SQL_Injections into master
@@ -22,8 +22,8 @@ $sql="SELECT vtiger_salesorder.salesorderid, recurring_frequency, start_period,
payment_duration, invoice_status FROM vtiger_salesorder
INNER JOIN vtiger_crmentity ON vtiger_salesorder.salesorderid = vtiger_crmentity.crmid AND vtiger_crmentity.deleted = 0
INNER JOIN vtiger_invoice_recurring_info ON vtiger_salesorder.salesorderid = vtiger_invoice_recurring_info.salesorderid
WHERE DATE_FORMAT(start_period,'%Y-%m-%d') <= '$currentDate' AND DATE_FORMAT(end_period,'%Y-%m-%d') >= '$currentDate'";
$result = $adb->pquery($sql, array());
WHERE DATE_FORMAT(start_period,'%Y-%m-%d') <= ? AND DATE_FORMAT(end_period,'%Y-%m-%d') >= ?";
$result = $adb->pquery($sql, array($currentDate, $currentDate));
$no_of_salesorder = $adb->num_rows($result);
for($i=0; $i<$no_of_salesorder;$i++) {
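Review bot: The two `?` placeholders in the new WHERE line are compared as strings against `DATE_FORMAT(...,'%Y-%m-%d')`, so the result is only correct when `$currentDate` is a zero-padded `Y-m-d` value. Its assignment is outside this hunk. Binding removes the injection path, but please confirm the format or normalise `$currentDate` before passing it in `array($currentDate, $currentDate)`. Separately, wrapping `start_period` and `end_period` in `DATE_FORMAT()` stops the database from using an index on those columns. If they are DATE columns, comparing them directly (`start_period <= ? AND end_period >= ?`) keeps the same parameter binding and is simpler to read.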