You are here

function _coder_6x_unquoted_sql_placeholders in Coder 5.2

Same name and namespace in other branches
  1. 6 includes/coder_security.inc \_coder_6x_unquoted_sql_placeholders()
1 string reference to '_coder_6x_unquoted_sql_placeholders'
coder_security_reviews in includes/coder_security.inc
Implementation of hook_reviews().

File

includes/coder_security.inc, line 104
This include file implements coder functionality for Drupal Standards.

Code

function _coder_6x_unquoted_sql_placeholders() {
  return array(
    '#warning' => t('SQL query handling data in a potentially insecure way by using the %s placeholder without wrapping it in single quotes.  This is a potential source of SQL injection attacks when the value can come from user data.'),
  );
}