From 9aa3c31c358fbf6064d3695ea362ee2ce89bdb7b Mon Sep 17 00:00:00 2001 From: "Redhuan D. Oon" Date: Sat, 27 Feb 2010 09:02:32 +0000 Subject: [PATCH] Prevent SQL Injection (advice from Victor Perez) Link to SF Tracker: http://sourceforge.net/support/tracker.php?aid=2214883 --- base/src/org/compiere/model/MAccount.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/base/src/org/compiere/model/MAccount.java b/base/src/org/compiere/model/MAccount.java index 9cf01e404d..9c221ecdf9 100644 --- a/base/src/org/compiere/model/MAccount.java +++ b/base/src/org/compiere/model/MAccount.java @@ -358,7 +358,7 @@ public class MAccount extends X_C_ValidCombination * @param where where clause * @param trxName transaction */ - public static void updateValueDescription (Properties ctx, String where, String trxName) + public static void updateValueDescription (Properties ctx, final String where, String trxName) { List accounts= new Query(ctx,MAccount.Table_Name,where,trxName) .setOrderBy(MAccount.COLUMNNAME_C_ValidCombination_ID).list();