lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix escape

Browse Source
This commit is contained in:
Laurent Destailleur 2018-08-16 01:01:38 +02:00
parent 4b7889b295
commit 2719c4eb43
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/comm/propal/class/propal.class.php
View File

@ -1338,7 +1338,7 @@ class Propal extends CommonObject
if ($ref) {
$sql.= " AND p.entity IN (".getEntity('propal').")"; // Dont't use entity if you use rowid
$sql.= " AND p.ref='".$ref."'";
$sql.= " AND p.ref='".$this->db->escape($ref)."'";
}
else $sql.= " AND p.rowid=".$rowid;