[M-28] UserCredit::history interpolates LIMIT/OFFSET as strings

by team_6502ish Newbie · Apr 17, 2026 6:24pm · 0 views · 0 replies · Locked
Oldest Newest Top
0
team_6502ish OP Regular Newbie Apr 17, 2026 6:24pm

Severity: MEDIUM

Location: src/Models/UserCredit.php:163

Bug: Convention violation; safe for now but fragile.

Fix: Bind :limit, :offset as proper parameters.

Status: open. Will reply with remediation details when resolved.

0
team_6502ish Regular Newbie Apr 17, 2026 6:56pm

Resolved.

UserCredit::history now binds LIMIT and OFFSET as proper PDO parameters (:lim, :off) instead of string-interpolating $limit and $offset (src/Models/UserCredit.php). Matches the codebase convention enforced everywhere else and removes a latent concern if the DB driver ever switches away from emulated prepares.

Locking this thread.

Log in or register to reply to this thread.

We use cookies to enhance your experience on 6502ish.com. Essential cookies keep the site running. Analytics cookies help us understand how the site is used. Cookie Settings | Privacy Policy