Skip to content

Commit

Permalink
Merge pull request #587 from sipcapture/alert-autofix-10
Browse files Browse the repository at this point in the history 
Fix code scanning alert no. 10: Database query built from user-controlled sources
  • Loading branch information
@adubovikov
adubovikov authored Jan 7, 2025
2 parents 7117a3b + c6b1031 commit 3103633
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions data/service/userSettings.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -177,7 +177,7 @@ func (ss *UserSettingsService) Get(userObject *model.TableUserSettings, UserName

if err := ss.Session.Debug().
Table("user_settings").
Where(sqlWhere).Find(&data).Error; err != nil {
Where("guid = ? AND username = ?", userObject.GUID, UserName).Find(&data).Error; err != nil {
return data, err
}
return data, nil
Expand All @@ -197,7 +197,7 @@ func (ss *UserSettingsService) Delete(userObject *model.TableUserSettings, UserN

if err := ss.Session.Debug().
Table("user_settings").
Where(sqlWhere).
Where("guid = ? AND username = ?", userObject.GUID, UserName).
Delete(model.TableUserSettings{}).Error; err != nil {
return err
}
Expand All @@ -220,7 +220,7 @@ func (ss *UserSettingsService) Update(userObject *model.TableUserSettings, UserN
Table("user_settings").
Debug().
Model(&model.TableUserSettings{}).
Where(sqlWhere).Update(userObject).Error; err != nil {
Where("guid = ? AND username = ?", userObject.GUID, UserName).Update(userObject).Error; err != nil {
return err
}
return nil
Expand Down

0 comments on commit 3103633

Please sign in to comment.