Fixed PDO query to prepared statement in API::updateArticles.

This commit is contained in:
JustAMacUser 2017-12-02 14:08:55 -05:00
parent bf6db17b8f
commit 1a05210933

View file

@ -297,7 +297,7 @@ class API extends Handler {
$num_updated = $sth->rowCount();
if ($num_updated > 0 && $field == "unread") {
$sth = $this->pdo->query("SELECT DISTINCT feed_id FROM ttrss_user_entries
$sth = $this->pdo->prepare("SELECT DISTINCT feed_id FROM ttrss_user_entries
WHERE ref_id IN ($article_qmarks)");
$sth->execute($article_ids);