From df4907f5d43df42167cdceebf0737eaba7311b36 Mon Sep 17 00:00:00 2001 From: Bernd Bestel Date: Sat, 29 Apr 2023 08:57:05 +0200 Subject: [PATCH] Fixed a theoretical (not relevant for SQLite) SQL injection possibility (references #2201) --- services/StockService.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/StockService.php b/services/StockService.php index 90483b1f..0b2f5fc4 100644 --- a/services/StockService.php +++ b/services/StockService.php @@ -851,7 +851,7 @@ class StockService extends BaseService return $returnData; } - public function GetProductStockEntries($productId, $excludeOpened = false, $allowSubproductSubstitution = false) + public function GetProductStockEntries(int $productId, $excludeOpened = false, $allowSubproductSubstitution = false) { $sqlWhereProductId = 'product_id = ' . $productId; if ($allowSubproductSubstitution)