Skip to content
Snippets Groups Projects
Select Git revision
  • 12.4
  • main default
  • 11.5
  • 13.3
  • l10n_main
  • 13.1
  • 13.0
  • l10n_12.4
  • 10.4
  • 12.1
  • 9.5
  • 11.3
  • master
  • 11.1
  • TYPO3_8-7
  • 10.2
  • 9.3
  • 9.2
  • TYPO3_7-6
  • TYPO3_7-0
  • v13.3.1
  • v12.4.21
  • v11.5.40
  • v13.3.0
  • v12.4.20
  • v12.4.19
  • v12.4.18
  • v11.5.39
  • v12.4.17
  • v13.2.1
  • v13.2.0
  • v12.4.16
  • v11.5.38
  • v13.1.1
  • v12.4.15
  • v11.5.37
  • v13.1.0
  • v12.4.14
  • v12.4.13
  • v12.4.12
40 results
Compare History
user avatar
[TASK] Refactor use of queryBuilder to use prepared statements
Manuel Selbach authored 
To remove the susceptiblity to errors of SQL injections within the core
the principle of prepared statements should be followed for all queries.
Even variables which will be casted to e.g. an integer should use
setParameter(), setParameters() or createNamedParameter().

Change-Id: I7d6d256a199ba05f75791eb01f38b3b89b421989
Resolves: #78437
Releases: master
Reviewed-on: https://review.typo3.org/50090


Tested-by: default avatarTYPO3com <no-reply@typo3.com>
Reviewed-by: default avatarAnja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: default avatarAnja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: default avatarChristian Kuhn <lolli@schwarzbu.ch>
Tested-by: default avatarChristian Kuhn <lolli@schwarzbu.ch>
d478cbe9
Name Last commit Last update
..