projects / kivitendo-erp.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge branch 'f-cvar-htmlfield'
[kivitendo-erp.git] / SL / Form.pm
diff --git a/SL/Form.pm b/SL/Form.pm
index 52d222b..29d9d6c 100644 (file)
--- a/SL/Form.pm
+++ b/SL/Form.pm
@@ -2986,7 +2986,7 @@ sub get_history {
       qq|SELECT h.employee_id, h.itime::timestamp(0) AS itime, h.addition, h.what_done, emp.name, h.snumbers, h.trans_id AS id | .
       qq|FROM history_erp h | .
       qq|LEFT JOIN employee emp ON (emp.id = h.employee_id) | .
-      qq|WHERE (trans_id = | . $trans_id . qq|) $restriction | .
+      qq|WHERE (trans_id = | . $dbh->quote($trans_id) . qq|) $restriction | .
       $order;
 
     my $sth = $dbh->prepare($query) || $self->dberror($query);
Unnamed repository; edit this file 'description' to name the repository.