]> git.wh0rd.org - tt-rss.git/blobdiff - classes/rpc.php
git.wh0rd.org / tt-rss.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
completeLabels: use prepare() not query()
[tt-rss.git] / classes / rpc.php
diff --git a/classes/rpc.php b/classes/rpc.php
index dd592b4d46010633076fa3fdfd78b8228523dc24..cc036736fb37f78fc8b647e5112cccad83bdc76c 100755 (executable)
--- a/classes/rpc.php
+++ b/classes/rpc.php
@@ -334,7 +334,7 @@ class RPC extends Handler_Protected {
        function completeLabels() {
                $search = $_REQUEST["search"];
 
-               $sth = $this->pdo->query("SELECT DISTINCT caption FROM
+               $sth = $this->pdo->prepare("SELECT DISTINCT caption FROM
                                ttrss_labels2
                                WHERE owner_uid = ? AND
                                LOWER(caption) LIKE LOWER(?) ORDER BY caption
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/