Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Merge pull request #159 from AntiGameZ/master

Count method's 2 parameter overload isn't SQL-injection proof
  • Loading branch information...
commit 0726eb304db05e54160461b2d9cf8c9105ed1014 2 parents a20db22 + efe2316
@robconery robconery authored
Showing with 2 additions and 2 deletions.
  1. +2 −2 Massive.cs
View
4 Massive.cs
@@ -585,8 +585,8 @@ private dynamic BuildPagedResult(string sql = "", string primaryKeyField = "", s
public int Count() {
return Count(TableName);
}
- public int Count(string tableName, string where="") {
- return (int)Scalar("SELECT COUNT(*) FROM " + tableName+" "+where);
+ public int Count(string tableName, string where="", params object[] args) {
+ return (int)Scalar("SELECT COUNT(*) FROM " + tableName+" "+ where, args);
}
/// <summary>
Please sign in to comment.
Something went wrong with that request. Please try again.