function _coder_6x_unquoted_sql_placeholders in Coder 6
Same name and namespace in other branches
- 5.2 includes/coder_security.inc _coder_6x_unquoted_sql_placeholders()
1 string reference to '_coder_6x_unquoted_sql_placeholders'
- coder_security_reviews in includes/coder_security.inc - Implementation of hook_reviews().
File
- includes/coder_security.inc, line 108 - This include file implements coder functionality for Drupal Standards.
Code
```php
function _coder_6x_unquoted_sql_placeholders() {
  return array(
    '#warning' => t('SQL query handling data in a potentially insecure way by using the %%s placeholder without wrapping it in single quotes. This is a potential source of SQL injection attacks when the value can come from user data.'),
  );
}
```
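An added illustration of the condition this warning describes (not code from Coder or Drupal): `expand_placeholders()` is a hypothetical, simplified stand-in for Drupal 6 `db_query()` argument substitution, with `addslashes()` standing in for the database driver's escaping, and `unquoted_string_placeholders()` is an assumed quote-tracking check, not Coder's actual rule.

```php
<?php
// Added example; not Coder or Drupal code. All function names are hypothetical.

// Simplified stand-in for Drupal 6 db_query() argument substitution.
// addslashes() stands in for the database driver's string escaping.
function expand_placeholders($query, array $args) {
  return preg_replace_callback('/%(%|s|d)/', function ($m) use (&$args) {
    if ($m[1] === '%') {
      return '%';
    }
    $value = array_shift($args);
    return $m[1] === 'd' ? (string) (int) $value : addslashes((string) $value);
  }, $query);
}

// Assumed check: counts %s placeholders that sit outside single quotes.
function unquoted_string_placeholders($query) {
  $in_quotes = FALSE;
  $count = 0;
  for ($i = 0, $n = strlen($query); $i < $n; $i++) {
    if ($query[$i] === "'") {
      $in_quotes = !$in_quotes;
    }
    elseif ($query[$i] === '%' && $i + 1 < $n) {
      if ($query[$i + 1] === 's' && !$in_quotes) {
        $count++;
      }
      if ($query[$i + 1] !== "'") {
        $i++; // Skip the placeholder letter or the second % of a literal %%.
      }
    }
  }
  return $count;
}

// Constructed request value: escaping leaves it unchanged because it
// contains no quote characters.
$input = '0 OR 1=1';
$queries = array(
  "SELECT name FROM {users} WHERE uid = %s",           // flagged
  "SELECT name FROM {users} WHERE uid = '%s'",         // value stays a string literal
  "SELECT name FROM {users} WHERE uid = %d",           // value cast to integer
  "SELECT name FROM {users} WHERE name LIKE '%%%s%%'", // quoted, not flagged
);
foreach ($queries as $query) {
  printf("%d unquoted | %s\n", unquoted_string_placeholders($query), expand_placeholders($query, array($input)));
}
```

Only the first query is flagged, and it is the only one where the constructed value ends up outside a string literal in the final SQL.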