Bug 13364: Use SQL placeholder

author Jonathan Druart <jonathan.druart@biblibre.com>

Fri, 17 Apr 2015 10:06:49 +0000 (12:06 +0200)

committer Tomas Cohen Arazi <tomascohen@gmail.com>

Wed, 6 May 2015 14:17:02 +0000 (11:17 -0300)
author Jonathan Druart <jonathan.druart@biblibre.com>
Fri, 17 Apr 2015 10:06:49 +0000 (12:06 +0200)
committer Tomas Cohen Arazi <tomascohen@gmail.com>
Wed, 6 May 2015 14:17:02 +0000 (11:17 -0300)
diff --git a/cataloguing/value_builder/cn_browser.pl b/cataloguing/value_builder/cn_browser.pl

index 44a65df..9aa2631 100755 (executable)
--- a/cataloguing/value_builder/cn_browser.pl
+++ b/cataloguing/value_builder/cn_browser.pl
@@ -82,12 +82,12 @@ sub plugin {
          FROM items AS i
          JOIN biblio AS b USING (biblionumber)
          LEFT OUTER JOIN branches ON (branches.branchcode = homebranch)
-        WHERE cn_sort < '$cn_sort'
+        WHERE cn_sort < ?
          AND itemcallnumber != ''
          ORDER BY cn_sort DESC, itemnumber
          LIMIT $real_limit;";
          $sth = $dbh->prepare($query);
-        $sth->execute();
+        $sth->execute($cn_sort);
          while ( my $data = $sth->fetchrow_hashref ) {
              if ( $data->{itemcallnumber} eq $q ) {
                  $data->{background} = 'red';
@@ -102,7 +102,6 @@ sub plugin {
              unshift @cn, $data;
          }
          $rows_lt = $sth->rows;
-        $sth->finish;
      }
  
      if ( $search ne $lt ) {
author	Jonathan Druart <jonathan.druart@biblibre.com>
	Fri, 17 Apr 2015 10:06:49 +0000 (12:06 +0200)
committer	Tomas Cohen Arazi <tomascohen@gmail.com>
	Wed, 6 May 2015 14:17:02 +0000 (11:17 -0300)