From 1ebad5b75e70d2111fd8cd60c3795ad567096dab Mon Sep 17 00:00:00 2001
From: Goeran Heinemann <goeran@karsdorf.net>
Date: Tue, 31 Mar 2020 11:13:01 +0200
Subject: [PATCH] korrektur sql statement

---
 html/api/index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/html/api/index.php b/html/api/index.php
index d63ed2a..f735846 100644
--- a/html/api/index.php
+++ b/html/api/index.php
@@ -11,7 +11,7 @@ if (isset($_GET['token'])){
             $userData = $stmt->fetchAll(PDO::FETCH_ASSOC);
             $username = $userData[0]['username'];
             $userID = $userData[0]['user'];
-            $sql = "SELECT * FROM workout_routines inner join users on workout_routines.creator=users.id WHERE public=1 or creator=?";
+            $sql = "SELECT workout_routines.id, title, username FROM workout_routines inner join users on workout_routines.creator=users.id WHERE public=1 or creator=?";
             $stmt = $pdo->prepare($sql);
             $stmt->bindParam(1, $userID);
             if ($stmt->execute()){