From c24f5facf43ae43c3390931591248cac8f09c1a5 Mon Sep 17 00:00:00 2001
From: christopherm <christopherm@4979c152-3d1c-0410-bac9-87ea11338e46>
Date: Sun, 12 Nov 2006 21:34:51 +0000
Subject: fixing unparametrised query

git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/trunk@537 4979c152-3d1c-0410-bac9-87ea11338e46
---
 LedgerSMB/User.pm | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/LedgerSMB/User.pm b/LedgerSMB/User.pm
index 95f3fc4f..7eb58a45 100755
--- a/LedgerSMB/User.pm
+++ b/LedgerSMB/User.pm
@@ -804,9 +804,8 @@ sub save_member {
 		# add login to employee table if it does not exist
 		my $login = $self->{login};
 		$login =~ s/@.*//;
-		my $query = qq|SELECT id FROM employee WHERE login = '$login'|;
-		my $sth = $dbh->prepare($query);
-		$sth->execute;
+		my $sth = $dbh->prepare("SELECT id FROM employee WHERE login = ?;");
+		$sth->execute($login);
 
 		my ($id) = $sth->fetchrow_array;
 		$sth->finish;
-- 
cgit v1.2.3