Context Navigation

Back to Ticket #1387

Ticket #1387: sql-inject-breakpoints.diff

File sql-inject-breakpoints.diff, 1.5 KB (added by tome, 16 months ago)
Diff to use parameter markers in Breakpoints.pm

Padre/Breakpoints.pm

     my %bp_action;
     $bp_action{line} = $bp_line;
+    if ( $#{ $debug_breakpoints->select("WHERE filename = \"$current_file\" AND line_number = \"$bp_line\"") } >= 0 ) {
+    if ( $#{ $debug_breakpoints->select("WHERE filename = ? AND line_number = ?", $current_file, $bp_line ) } >= 0 ) {
         # say 'delete me';
         $editor->MarkerDelete( $bp_line - 1, Padre::Constant::MARKER_BREAKPOINT() );
         $editor->MarkerDelete( $bp_line - 1, Padre::Constant::MARKER_NOT_BREAKABLE() );
         $debug_breakpoints->delete("WHERE filename = \"$current_file\" AND line_number = \"$bp_line\"");
+        $debug_breakpoints->delete("WHERE filename = ? AND line_number = ?", $current_file, $bp_line);
         $bp_action{action} = 'delete';
     } else {
         # say 'create me';
         $editor->MarkerAdd( $bp_line - 1, Padre::Constant::MARKER_BREAKPOINT() );
         $debug_breakpoints->create(
 …
     my $editor            = Padre::Current->editor;
     my $debug_breakpoints = ('Padre::DB::DebugBreakpoints');
     my $current_file      = $editor->{Document}->filename;
     my $sql_select        = "WHERE BY filename = \"$current_file\" ASC, line_number ASC";
     my @tuples            = $debug_breakpoints->select($sql_select);
+    my $sql_select        = "WHERE BY filename = ? ASC, line_number ASC";
+    my @tuples            = $debug_breakpoints->select($sql_select, $current_file);
     for ( 0 .. $#tuples ) {

Download in other formats:

Original Format

WIKI for Padre, The Perl IDE

Welcome, to the Well of all Padre knowledge, Please Register, Login and join in

Context Navigation

Ticket #1387: sql-inject-breakpoints.diff

Padre/Breakpoints.pm

Download in other formats: