Prevent SQL Injection (advice from Victor Perez)

Link to SF Tracker: http://sourceforge.net/support/tracker.php?aid=2214883
2010-02-27 09:02:32 +00:00 · 2010-02-27 09:02:32 +00:00 · 9aa3c31c35
parent 38396298cd
commit 9aa3c31c35
1 changed files with 1 additions and 1 deletions
--- a/base/src/org/compiere/model/MAccount.java
+++ b/base/src/org/compiere/model/MAccount.java
@ -358,7 +358,7 @@ public class MAccount extends X_C_ValidCombination
 	 *	@param where where clause
 	 *	@param trxName transaction
 	 */
-	public static void updateValueDescription (Properties ctx, String where, String trxName)
+	public static void updateValueDescription (Properties ctx, final String where, String trxName)
 	{
 		List<MAccount> accounts=  new Query(ctx,MAccount.Table_Name,where,trxName)
 		.setOrderBy(MAccount.COLUMNNAME_C_ValidCombination_ID).list();