WHERE vc.shelfnumber=? ";
my @params = ($shelfnumber);
if($sortfield) {
- $query .= " ORDER BY " . $sortfield;
- $query .= " DESC " if ( ( $sortfield eq 'copyrightdate' ) || ( $sort_direction eq 'desc' ) );
+ $query .= " ORDER BY " . $dbh->quote_identifier( $sortfield );
+ $query .= " DESC " if ( $sort_direction eq 'desc' );
}
if($row_count){
$query .= " LIMIT ?, ? ";