From d38fe0e5cab4a7efaba8a79a22a85b0e67817441 Mon Sep 17 00:00:00 2001 From: "terry%mozilla.org" <> Date: Wed, 8 Mar 2000 02:22:41 +0000 Subject: Patch by Brian Duggan -- security improvements. --- reports.cgi | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'reports.cgi') diff --git a/reports.cgi b/reports.cgi index 6c8ededcf..805de8da9 100755 --- a/reports.cgi +++ b/reports.cgi @@ -206,7 +206,7 @@ and bugs.reporter = report.userid FIN if( $::FORM{'product'} ne "-All-" ) { - $query .= "and bugs.product='$::FORM{'product'}'"; + $query .= "and bugs.product=".SqlQuote($::FORM{'product'}); } $query .= <