Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2026-02-07 16:41:48 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix escape

Browse Source
This commit is contained in:
Laurent Destailleur
2020-09-19 23:11:38 +02:00
parent d38168f49e
commit 2c660504bb
23 changed files with 40 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/admin/commande.php
View File

@@ -357,7 +357,7 @@ print load_fiche_titre($langs->trans("OrdersModelModule"), '', '');
$def = array();
$sql = "SELECT nom";
$sql .= " FROM ".MAIN_DB_PREFIX."document_model";
$sql .= " WHERE type = '".$type."'";
$sql .= " WHERE type = '".$db->escape($type)."'";
$sql .= " AND entity = ".$conf->entity;
$resql = $db->query($sql);
if ($resql)