mike/wishlist
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Bugfix: Correct syntax for prepared statement in "copy" action

Browse source
This commit is contained in:
Mike Javorski 2023-11-29 11:29:00 -08:00
parent 0503a9b5ce
commit ab4815fd88
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/shop.php
View file

@ -66,7 +66,7 @@ if (!empty($_GET["action"])) {
$price = (float) $row["price"];
$cat = (int) $row["category"];
$stmt = $smarty->dbh()->prepare("INSERT INTO {$opt["table_prefix"]}items(userid,description,price,source,url,comment,category,ranking,quantity) VALUES(?, ?, ?, ?, ?, ?, ?, 1, 1");
$stmt = $smarty->dbh()->prepare("INSERT INTO {$opt["table_prefix"]}items(userid,description,price,source,url,comment,category,ranking,quantity) VALUES(?, ?, ?, ?, ?, ?, ?, 1, 1)");
$stmt->bindParam(1, $userid, PDO::PARAM_INT);
$stmt->bindParam(2, $desc, PDO::PARAM_STR);
$stmt->bindParam(3, $price);