fixing wrong sql query (use of ?)

author tipaul <tipaul>

Tue, 28 Jan 2003 14:57:33 +0000 (14:57 +0000)

committer tipaul <tipaul>

Tue, 28 Jan 2003 14:57:33 +0000 (14:57 +0000)
author tipaul <tipaul>
Tue, 28 Jan 2003 14:57:33 +0000 (14:57 +0000)
committer tipaul <tipaul>
Tue, 28 Jan 2003 14:57:33 +0000 (14:57 +0000)
diff --git a/thesaurus_popup.pl b/thesaurus_popup.pl

index 3038b67..ba56402 100755 (executable)
--- a/thesaurus_popup.pl
+++ b/thesaurus_popup.pl
@@ -73,8 +73,8 @@ my %stdlib;
  my $select_list;
  if ($search_string) {
  #      my $sti=$dbh->prepare("select id,freelib from bibliothesaurus where freelib like '".$search_string."%' and category ='$category'");
-       my $sti=$dbh->prepare("select id,freelib from bibliothesaurus where match (category,freelib) AGAINST ('$search_string') and category ='$category'");
-               $sti->execute;
+       my $sti=$dbh->prepare("select id,freelib from bibliothesaurus where match (category,freelib) AGAINST (?) and category ='$category'");
+       $sti->execute($search_string);
         while (my $line=$sti->fetchrow_hashref) {
                 $stdlib{$line->{'id'}} = "$line->{'freelib'}";
                 push(@freelib,$line->{'id'});