tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 12:05:37 +00:00
Code Issues Projects Releases Wiki Activity

BUGFIX Escaping $locale values in Translatable->augmentSQL() in addition to the i18n::validate_locale() input validation (from r114515)

Browse Source 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@114516 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Ingo Schommer 2010-12-05 05:25:51 +00:00 committed by Sam Minnee
parent 6255cdf20a
commit 6fa8f8341c
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
core/model/Translatable.php
View File

@ -553,7 +553,7 @@ class Translatable extends DataObjectDecorator implements PermissionProvider {
&& !preg_match('/("|\'|`)Locale("|\'|`)/', $query->getFilter()) && !preg_match('/("|\'|`)Locale("|\'|`)/', $query->getFilter())
//&& !$query->filtersOnFK() //&& !$query->filtersOnFK()
) { ) {
$qry = sprintf('"%s"."Locale" = \'%s\'', $baseTable, $locale); $qry = sprintf('"%s"."Locale" = \'%s\'', $baseTable, Convert::raw2sql($locale));
$query->where[] = $qry; $query->where[] = $qry;
} }
} }