Code review for CWE-89: SQL Injection Post-authentication problem_encounter

robertovasquez wrote on Saturday, July 11, 2015:

Lines 45 and 56:form_pid POST parameter is passed to queries unescaped