From 65cd866f42320e4a7817729161d7b07d7a04638d Mon Sep 17 00:00:00 2001
From: Damian Mooyman <damian@silverstripe.com>
Date: Fri, 16 Oct 2015 11:16:30 +1300
Subject: [PATCH 1/3] Restrict 1.4 to ~3.2

---
 composer.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/composer.json b/composer.json
index 6caa41a..1b031db 100644
--- a/composer.json
+++ b/composer.json
@@ -14,7 +14,7 @@
 		}
 	],
 	"require": {
-		"silverstripe/framework": ">=3.2"
+		"silverstripe/framework": "^3.2.0"
 	},
 	"extra": {
 		"branch-alias": {

From ea1d504617ea13babe017b313e4c9d90bdc5f8cd Mon Sep 17 00:00:00 2001
From: Daniel Hensby <dhensby@silverstripe.com>
Date: Wed, 23 Mar 2016 11:17:42 +0000
Subject: [PATCH 2/3] Update travis test coverage

---
 .travis.yml | 33 +++++++++++++++++++++++----------
 1 file changed, 23 insertions(+), 10 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index f638b3b..296b4ab 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,20 +1,33 @@
-language: php
+# See https://github.com/silverstripe-labs/silverstripe-travis-support for setup details
 
 sudo: false
 
+language: php
+
 php:
   - 5.3
+  - 5.4
+  - 5.5
+  - 5.6
 
 env:
-  matrix:
-    - DB=POSTGRESQL CORE_RELEASE=master
+  - DB=SQLITE CORE_RELEASE=3.2
+
+matrix:
+  include:
+    - php: 5.6
+      env: CORE_RELEASE=3
+    - php: 5.6
+      env: CORE_RELEASE=3 PDO=1
+    - php: 5.6
+      env: CORE_RELEASE=3.3
 
 before_script:
- - composer self-update || true
- - phpenv rehash
- - git clone git://github.com/silverstripe-labs/silverstripe-travis-support.git ~/travis-support
- - php ~/travis-support/travis_setup.php --source `pwd` --target ~/builds/ss
- - cd ~/builds/ss
+  - composer self-update || true
+  - git clone git://github.com/silverstripe-labs/silverstripe-travis-support.git ~/travis-support
+  - php ~/travis-support/travis_setup.php --source `pwd` --target ~/builds/ss
+  - cd ~/builds/ss
+  - composer install
 
-script: 
- - phpunit framework/tests 
+script:
+  - vendor/bin/phpunit framework/tests

From 4aad42c084ab7b424e3607dcc522fece65e08e95 Mon Sep 17 00:00:00 2001
From: Daniel Hensby <dhensby@silverstripe.com>
Date: Tue, 21 Nov 2017 16:16:32 +0000
Subject: [PATCH 3/3] [SS-2017-008] Fix SQL injection in search engine

---
 code/SQLite3Database.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/code/SQLite3Database.php b/code/SQLite3Database.php
index 004bb3f..6019d74 100644
--- a/code/SQLite3Database.php
+++ b/code/SQLite3Database.php
@@ -228,6 +228,8 @@ class SQLite3Database extends SS_Database {
 	public function searchEngine($classesToSearch, $keywords, $start, $pageLength, $sortBy = "Relevance DESC",
 		$extraFilter = "", $booleanSearch = false, $alternativeFileFilter = "", $invertedMatch = false
 	) {
+		$start = (int)$start;
+		$pageLength = (int)$pageLength;
 		$keywords = $this->escapeString(str_replace(array('*','+','-','"','\''), '', $keywords));
 		$htmlEntityKeywords = htmlentities(utf8_decode($keywords));
 
@@ -249,7 +251,7 @@ class SQLite3Database extends SS_Database {
 			$extraFilters['File'] .= " AND ShowInSearch <> 0";
 		}
 
-		$limit = $start . ", " . (int) $pageLength;
+		$limit = $start . ", " . $pageLength;
 
 		$notMatch = $invertedMatch ? "NOT " : "";
 		if($keywords) {