github-mirror/grocy
1
0
Fork 0
mirror of https://github.com/grocy/grocy.git synced 2026-03-27 23:29:25 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fixed a (theoretical, not practically relevant for the target use case of Grocy) SQL injection possibility (closes #2259)

Browse Source
This commit is contained in:
Bernd Bestel 2023-06-22 15:07:47 +02:00
parent 297cc57244
commit c415e2f8da
No known key found for this signature in database
GPG Key ID: 71BD34C0D4891300
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
services/StockService.php
View File

@ -892,7 +892,7 @@ class StockService extends BaseService
return FindAllObjectsInArrayByPropertyValue($stockEntries, 'location_id', $locationId);
}
public function GetProductStockLocations($productId, $allowSubproductSubstitution = false)
public function GetProductStockLocations(int $productId, $allowSubproductSubstitution = false)
{
$sqlWhereProductId = 'product_id = ' . $productId;
if ($allowSubproductSubstitution)