Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Count() method isn't SQL-Inject proof

  • Loading branch information...
commit efe231645bc7b710ac178a6622899bb7bfb424ec 1 parent 32b0dee
@AntiGameZ authored
Showing with 2 additions and 2 deletions.
  1. +2 −2 Massive.cs
View
4 Massive.cs
@@ -585,8 +585,8 @@ private dynamic BuildPagedResult(string sql = "", string primaryKeyField = "", s
public int Count() {
return Count(TableName);
}
- public int Count(string tableName, string where="") {
- return (int)Scalar("SELECT COUNT(*) FROM " + tableName+" "+where);
+ public int Count(string tableName, string where="", params object[] args) {
+ return (int)Scalar("SELECT COUNT(*) FROM " + tableName+" "+ where, args);
}
/// <summary>

1 comment on commit efe2316

@robconery

This still isn't SQL Injection proof :)

Please sign in to comment.
Something went wrong with that request. Please try again.