From 06abe84fde8c30681bc99f770875c28f40800359 Mon Sep 17 00:00:00 2001
From: bobopinna <bobopinna>
Date: Mon, 16 May 2005 15:05:53 +0000
Subject: [PATCH] Fixed a SQL injection from $scoid

---
 mod/scorm/loadSCO.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mod/scorm/loadSCO.php b/mod/scorm/loadSCO.php
index 505eb95650e..21696da39cb 100755
--- a/mod/scorm/loadSCO.php
+++ b/mod/scorm/loadSCO.php
@@ -42,7 +42,7 @@
 	if ($sco = get_record("scorm_scoes","id",$scoid)) {
 	    if ($sco->launch == '') {
 		// Search for the next launchable sco 
-		if ($scoes = get_records_select("scorm_scoes","scorm=".$scorm->id." AND launch<>'' AND id>".$scoid,"id ASC")) {
+		if ($scoes = get_records_select("scorm_scoes","scorm=".$scorm->id." AND launch<>'' AND id>".$sco->id,"id ASC")) {
 		    $sco = current($scoes);
 		}
 	    }