mirror of
https://github.com/retailcrm/opencart-module.git
synced 2024-11-21 12:46:06 +03:00
added escaping for db query in method for getting zone
This commit is contained in:
parent
62605b11ed
commit
f5f55dd449
@ -124,6 +124,7 @@ class DataRepository extends \retailcrm\Base {
|
||||
* @return array
|
||||
*/
|
||||
public function getZoneByName($name) {
|
||||
$name = $this->db->escape($name);
|
||||
$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "zone` WHERE name = '" . $name . "'");
|
||||
|
||||
return $query->row;
|
||||
|
Loading…
Reference in New Issue
Block a user