tonyair
/
silverstripe-framework
mirror of https://github.com/silverstripe/silverstripe-framework
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

[SS-2017-008] Fix SQL injection in search engine

This commit is contained in:
Daniel Hensby 2017-11-21 14:37:48 +00:00
parent a73f75ccc5
commit 0f2049d4d4
No known key found for this signature in database
GPG Key ID: B00D1E9767F0B06E
1 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
model/connect/MySQLDatabase.php
View File

@ -105,10 +105,14 @@ class MySQLDatabase extends SS_Database {
public function searchEngine($classesToSearch, $keywords, $start, $pageLength, $sortBy = "Relevance DESC",
$extraFilter = "", $booleanSearch = false, $alternativeFileFilter = "", $invertedMatch = false
) {
if (!class_exists('SiteTree'))
throw new Exception('MySQLDatabase->searchEngine() requires "SiteTree" class');
if (!class_exists('File'))
throw new Exception('MySQLDatabase->searchEngine() requires "File" class');
if (!class_exists('SiteTree')) {
throw new Exception('MySQLDatabase->searchEngine() requires "SiteTree" class');
}
if (!class_exists('File')) {
throw new Exception('MySQLDatabase->searchEngine() requires "File" class');
}
$start = (int)$start;
$pageLength = (int)$pageLength;
$keywords = $this->escapeString($keywords);
$htmlEntityKeywords = htmlentities($keywords, ENT_NOQUOTES, 'UTF-8');
@ -134,7 +138,7 @@ class MySQLDatabase extends SS_Database {
if (array_key_exists('ShowInSearch', $fields))
$extraFilters['File'] .= " AND ShowInSearch <> 0";
$limit = $start . ", " . (int) $pageLength;
$limit = $start . ", " . $pageLength;
$notMatch = $invertedMatch
? "NOT "