From bfbc7bca1b51d57f6bc5e765fc95040a47291e64 Mon Sep 17 00:00:00 2001 From: Stephen Shkardoon Date: Wed, 20 Mar 2013 00:45:05 +1300 Subject: [PATCH] BUG SQL Injection in CsvBulkLoader (fixes #6227) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Diff should speak for itself, looks like this will have to be implemented in all supported branches.  --- dev/CsvBulkLoader.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/dev/CsvBulkLoader.php b/dev/CsvBulkLoader.php index c0d59ed53..b532a317b 100644 --- a/dev/CsvBulkLoader.php +++ b/dev/CsvBulkLoader.php @@ -154,7 +154,7 @@ class CsvBulkLoader extends BulkLoader { return false; //user_error("CsvBulkLoader:processRecord: Couldn't find duplicate identifier '{$fieldName}' in columns", E_USER_ERROR); } - $SQL_fieldValue = $record[$fieldName]; + $SQL_fieldValue = Convert::raw2sql($record[$fieldName]); $existingRecord = DataObject::get_one($this->objectClass, "`$SQL_fieldName` = '{$SQL_fieldValue}'"); if($existingRecord) return $existingRecord; } elseif(is_array($duplicateCheck) && isset($duplicateCheck['callback'])) { @@ -180,4 +180,4 @@ class CsvBulkLoader extends BulkLoader { } } -?> \ No newline at end of file +?>