Permalink
Browse files

bugfix : use of '$var' instead of ? in sql statement

  • Loading branch information...
1 parent 9888401 commit 85eff780aec5a37ea7fda0300bdb9b03b6fee537 tipaul committed Oct 25, 2003
Showing with 2 additions and 2 deletions.
  1. +2 −2 value_builder/unimarc_field_700_701_702.pl
@@ -121,8 +121,8 @@ sub plugin {
}
if ($search_string) {
# my $sti=$dbh->prepare("select id,freelib from bibliothesaurus where freelib like '".$search_string."%' and category ='$category'");
- my $sti=$dbh->prepare("select id,freelib from bibliothesaurus where match (category,freelib) AGAINST ('$search_string') and category ='NP'");
- $sti->execute;
+ my $sti=$dbh->prepare("select id,freelib from bibliothesaurus where match (category,freelib) AGAINST (?) and category ='NP'");
+ $sti->execute($search_string);
while (my $line=$sti->fetchrow_hashref) {
$stdlib{$line->{'id'}} = "$line->{'freelib'}";
push(@freelib,$line->{'id'});

0 comments on commit 85eff78

Please sign in to comment.