From 4aad42c084ab7b424e3607dcc522fece65e08e95 Mon Sep 17 00:00:00 2001
From: Daniel Hensby
Date: Tue, 21 Nov 2017 16:16:32 +0000
Subject: [PATCH] [SS-2017-008] Fix SQL injection in search engine
---
 code/SQLite3Database.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/code/SQLite3Database.php b/code/SQLite3Database.php
index 004bb3f..6019d74 100644
--- a/code/SQLite3Database.php
+++ b/code/SQLite3Database.php
@@ -228,6 +228,8 @@ class SQLite3Database extends SS_Database {
 public function searchEngine($classesToSearch, $keywords, $start, $pageLength, $sortBy = "Relevance DESC", $extraFilter = "", $booleanSearch = false, $alternativeFileFilter = "", $invertedMatch = false ) {
+ $start = (int)$start;
+ $pageLength = (int)$pageLength;
 $keywords = $this->escapeString(str_replace(array('*','+','-','"','\''), '', $keywords));
 $htmlEntityKeywords = htmlentities(utf8_decode($keywords));
@@ -249,7 +251,7 @@ class SQLite3Database extends SS_Database {
 $extraFilters['File'] .= " AND ShowInSearch <> 0";
 }
- $limit = $start . ", " . (int) $pageLength;
+ $limit = $start . ", " . $pageLength;
 $notMatch = $invertedMatch ? "NOT " : "";
 if($keywords) {
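Review bot: Negative values still pass the new `(int)` casts at the top of `searchEngine()` and reach the `$limit` string built in the second hunk. In SQLite a negative LIMIT means no upper bound on the rows returned, so a caller-supplied negative `$pageLength` turns a paged search into an unbounded one. Clamping both closes that gap: `$start = max(0, (int)$start);` and `$pageLength = max(0, (int)$pageLength);`. The string parameters `$sortBy`, `$extraFilter` and `$alternativeFileFilter` are used outside the visible hunks; if they are concatenated into the query, as their names suggest, a docblock stating that they are raw SQL fragments which must never carry request data would help callers. The body of `searchEngine()` continues past both hunks.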