diff options
author | Andrew Dolgov <[email protected]> | 2017-12-03 09:06:43 +0300 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2017-12-03 09:06:43 +0300 |
commit | 731ecac5306f6463cc98006091dd95fad2b81cc5 (patch) | |
tree | 73dad18e92815b4effdd3ec97af008f37b695912 | |
parent | ed5cd6eae58dabfb8fb3c6bd846670f064c2383e (diff) |
completeLabels: use prepare() not query()
-rwxr-xr-x | classes/rpc.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/classes/rpc.php b/classes/rpc.php index dd592b4d4..cc036736f 100755 --- a/classes/rpc.php +++ b/classes/rpc.php @@ -334,7 +334,7 @@ class RPC extends Handler_Protected { function completeLabels() { $search = $_REQUEST["search"]; - $sth = $this->pdo->query("SELECT DISTINCT caption FROM + $sth = $this->pdo->prepare("SELECT DISTINCT caption FROM ttrss_labels2 WHERE owner_uid = ? AND LOWER(caption) LIKE LOWER(?) ORDER BY caption |