From e4291ba12f1a48ab4514d17720c93a660af2ebdd Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Sun, 3 Dec 2017 09:10:14 +0300 Subject: [PATCH] otpenable: use pdo prepare() --- classes/pref/prefs.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php index cf1322f4..ab39b1e2 100644 --- a/classes/pref/prefs.php +++ b/classes/pref/prefs.php @@ -888,7 +888,7 @@ class Pref_Prefs extends Handler_Protected { if ($authenticator->check_password($_SESSION["uid"], $password)) { - $sth = $this->pdo->query("SELECT salt + $sth = $this->pdo->prepare("SELECT salt FROM ttrss_users WHERE id = ?"); $sth->execute([$_SESSION['uid']]);