Browse Source

Fixed PDO query to prepared statement in API::updateArticles.

JustAMacUser 2 years ago
parent
commit
1a05210933
1 changed files with 1 additions and 1 deletions
  1. 1 1
      classes/api.php

+ 1 - 1
classes/api.php

@@ -297,7 +297,7 @@ class API extends Handler {
 			$num_updated = $sth->rowCount();
 
 			if ($num_updated > 0 && $field == "unread") {
-				$sth = $this->pdo->query("SELECT DISTINCT feed_id FROM ttrss_user_entries
+				$sth = $this->pdo->prepare("SELECT DISTINCT feed_id FROM ttrss_user_entries
 					WHERE ref_id IN ($article_qmarks)");
 				$sth->execute($article_ids);