changes based on review

erik-krogh · erik-krogh · commit 9aeba4f31edc · 2023-06-01T17:24:44.000+02:00
diff --git a/javascript/ql/src/Security/CWE-089/SqlInjection.inc.qhelp b/javascript/ql/src/Security/CWE-089/SqlInjection.inc.qhelp
@@ -40,7 +40,7 @@ an HTTP request handler in a web application, whose parameter
 <p>
 The handler constructs constructs an SQL query string from user input
 and executes it as a database query using the <code>pg</code> library. 
-THe user input may contain quote characters, so this code is vulnerable
+The user input may contain quote characters, so this code is vulnerable
 to a SQL injection attack.
 </p>
 
diff --git a/javascript/ql/src/Security/CWE-089/examples/SqlInjectionFix.js b/javascript/ql/src/Security/CWE-089/examples/SqlInjectionFix.js
@@ -5,7 +5,7 @@ const app = require("express")(),
 app.get("search", function handler(req, res) {
   // GOOD: use parameters
   var query2 =
-    "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1" + " ORDER BY PRICE";
+    "SELECT ITEM,PRICE FROM PRODUCT WHERE ITEM_CATEGORY=$1 ORDER BY PRICE";
   pool.query(query2, [req.params.category], function(err, results) {
     // process results
   });
