From 8454c1cb20df42abf33713d9d4366f459fff8ab1 Mon Sep 17 00:00:00 2001 From: Maykel Geerdink Date: Tue, 16 Feb 2016 10:08:56 +0000 Subject: [PATCH] =?UTF-8?q?FSN#33658:=20potenti=C3=ABle=20SQL-injections?= =?UTF-8?q?=20aangepast.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit svn path=/Website/trunk/; revision=28184 --- APPL/PRS/kpn_mandate_list.inc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/APPL/PRS/kpn_mandate_list.inc b/APPL/PRS/kpn_mandate_list.inc index 6e92f4f581..3498117929 100644 --- a/APPL/PRS/kpn_mandate_list.inc +++ b/APPL/PRS/kpn_mandate_list.inc @@ -93,12 +93,12 @@ function kpn_mandate_list(authparams, params) + " CASE" + " WHEN pk.prs_perslidkostenplaats_boeken = 1 " + " THEN " + safe.quoted_sql(L('lcl_yes')) - + " ELSE " + quoted_sql(L('lcl_no')) + + " ELSE " + safe.quoted_sql(L('lcl_no')) + " END boeken, " + " CASE" + " WHEN pk.prs_perslidkostenplaats_inzage = 1 " - + " THEN " + quoted_sql(L('lcl_yes')) - + " ELSE " + quoted_sql(L('lcl_no')) + + " THEN " + safe.quoted_sql(L('lcl_yes')) + + " ELSE " + safe.quoted_sql(L('lcl_no')) + " END inzage, " + " k.prs_kostenplaats_key, " + " k.prs_perslid_key verantwoordelijke_key, "