valvin
/
ttrss
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed PDO query to prepared statement in API::updateArticles.

This commit is contained in:
JustAMacUser 2017-12-02 14:08:55 -05:00
parent bf6db17b8f
commit 1a05210933
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
classes/api.php
View File

@ -297,7 +297,7 @@ class API extends Handler {
$num_updated = $sth->rowCount();
if ($num_updated > 0 && $field == "unread") {
$sth = $this->pdo->query("SELECT DISTINCT feed_id FROM ttrss_user_entries
$sth = $this->pdo->prepare("SELECT DISTINCT feed_id FROM ttrss_user_entries
WHERE ref_id IN ($article_qmarks)");
$sth->execute($article_ids);