github-mirror/grocy
1
0
Fork 0
mirror of https://github.com/grocy/grocy.git synced 2026-03-28 07:39:25 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fixed a theoretical (not relevant for SQLite) SQL injection possibility (references #2201)

Browse Source
This commit is contained in:
Bernd Bestel 2023-04-29 08:57:05 +02:00
parent a4992ff602
commit df4907f5d4
No known key found for this signature in database
GPG Key ID: 71BD34C0D4891300
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
services/StockService.php
View File

@ -851,7 +851,7 @@ class StockService extends BaseService
return $returnData; return $returnData;
} }
public function GetProductStockEntries($productId, $excludeOpened = false, $allowSubproductSubstitution = false) public function GetProductStockEntries(int $productId, $excludeOpened = false, $allowSubproductSubstitution = false)
{ {
$sqlWhereProductId = 'product_id = ' . $productId; $sqlWhereProductId = 'product_id = ' . $productId;
if ($allowSubproductSubstitution) if ($allowSubproductSubstitution)