From 3820023bbb5f82c5bd050f52e783c6deb287a2b8 Mon Sep 17 00:00:00 2001 From: Dan Marsden Date: Tue, 8 Sep 2020 10:53:26 +1200 Subject: [PATCH] Use api function for limit. Fix #459 --- attendance.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/attendance.php b/attendance.php index 2784aa5..d5735e3 100644 --- a/attendance.php +++ b/attendance.php @@ -59,8 +59,8 @@ if ($attforsession->rotateqrcode == 1) { } else { // Check password. $sql = 'SELECT * FROM {attendance_rotate_passwords}'. - ' WHERE attendanceid = ? AND expirytime > ? ORDER BY expirytime ASC LIMIT 2'; - $qrpassdatabase = $DB->get_records_sql($sql, ['attendanceid' => $id, time() - $attconfig->rotateqrcodeexpirymargin]); + ' WHERE attendanceid = ? AND expirytime > ? ORDER BY expirytime ASC'; + $qrpassdatabase = $DB->get_records_sql($sql, ['attendanceid' => $id, time() - $attconfig->rotateqrcodeexpirymargin], 0, 2); foreach ($qrpassdatabase as $qrpasselement) { if ($qrpass == $qrpasselement->password) {