From 577a782fe9af6c887c83025ad9d7e6a3af52cc9d Mon Sep 17 00:00:00 2001
From: Joe Murray <joe.murray@jmaconsulting.biz>
Date: Fri, 8 Jan 2016 17:20:07 -0500
Subject: [PATCH] Added a todo

---
 CRM/Utils/SQL/Select.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CRM/Utils/SQL/Select.php b/CRM/Utils/SQL/Select.php
index a45bfa5729..e130e57994 100644
--- a/CRM/Utils/SQL/Select.php
+++ b/CRM/Utils/SQL/Select.php
@@ -464,6 +464,7 @@ class CRM_Utils_SQL_Select implements ArrayAccess {
             $parts = array_map(array($select, 'escapeString'), $values);
             return implode(', ', $parts);
 
+          // TODO: ensure all uses of this un-escaped literal are safe
           case '!':
             return implode(', ', $values);
 
-- 
2.25.1