phares3757/mesa-fab-approval
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use query params for user strings

Browse Source
This commit is contained in:
Chase Tucker
2025-06-04 09:30:39 -07:00
parent 65a433e9ab
commit 4871668a90
2 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
MesaFabApproval.API/Services/PCRBService.cs
View File

@ -169,9 +169,9 @@ public class PCRBService : IPCRBService {
if (!bypassCache) pcrb = _cache.Get<PCRB>($"pcrb{title}");
if (pcrb is null) {
string sql = $"select * from CCChangeControl where Title='{title}'";
string sql = "select * from CCChangeControl where Title=@Title";
pcrb = (await _dalService.QueryAsync<PCRB>(sql)).FirstOrDefault();
pcrb = (await _dalService.QueryAsync<PCRB>(sql, new { Title = title })).FirstOrDefault();
if (pcrb is not null) {
if (string.IsNullOrWhiteSpace(pcrb.OwnerName) && pcrb.OwnerID > 0)