diff options
author | Dries Buytaert <dries@buytaert.net> | 2010-05-05 16:51:30 +0000 |
---|---|---|
committer | Dries Buytaert <dries@buytaert.net> | 2010-05-05 16:51:30 +0000 |
commit | 526558401680f5d8b402823dbd5d40fd17620980 (patch) | |
tree | f65e822fb4e8eb83e0e16816dd80213fe3916530 /modules/openid | |
parent | 89f2567961f41887e8cd8d03e56f70b5ba75694a (diff) | |
download | brdo-526558401680f5d8b402823dbd5d40fd17620980.tar.gz brdo-526558401680f5d8b402823dbd5d40fd17620980.tar.bz2 |
- Patch #769554 by jpmckinney, Berdir, cha0s: fixed trivial SQL injection(s) with SelectQuery.
Diffstat (limited to 'modules/openid')
-rw-r--r-- | modules/openid/openid.module | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/openid/openid.module b/modules/openid/openid.module index ebd63f0bb..45b6714b2 100644 --- a/modules/openid/openid.module +++ b/modules/openid/openid.module @@ -550,7 +550,7 @@ function openid_association($op_endpoint) { // Remove Old Associations: db_delete('openid_association') - ->condition('created + expires_in', REQUEST_TIME, '<') + ->where('created + expires_in < :request_time', array(':request_time' => REQUEST_TIME)) ->execute(); // Check to see if we have an association for this IdP already |