Permalink
Browse files

Prevent possible SQL injection problem.

  • Loading branch information...
1 parent 53e31e4 commit 90b150ad7eb15cb96e3aa5dd1390e38e82f96908 mike committed Feb 3, 2011
Showing with 3 additions and 2 deletions.
  1. +3 −2 lib/Vend/Table/DBI.pm
View
@@ -1740,8 +1740,9 @@ sub delete_record {
);
return undef;
}
- $key = $s->[$DBI]->quote($key)
- unless exists $s->[$CONFIG]{NUMERIC}{$s->[$KEY]};
+ unless( exists $s->[$CONFIG]{NUMERIC}{$s->[$KEY]} and $key =~ /^\d+$/) {
+ $key = $s->[$WDBI]->quote($key)
+ }
$s->[$DBI]->do("delete from $s->[$TABLE] where $s->[$KEY] = $key");
}

0 comments on commit 90b150a

Please sign in to comment.