[!!!][BUGFIX] Indexed Search: Escape search strings for LIKE queries
LIKE queries support special placeholders (_ and %). These characters need proper escaping before being used in database queries. Use the escapeStrForLike() method to provide properly escaped strings to the query. This patch handles few places missed by http://review.typo3.org/42806 Resolves: #69227 Releases: master Change-Id: Ie68dd140aafa755be08ba9505b3ac33f00a8f2e2 Reviewed-on: http://review.typo3.org/42969 Reviewed-by:Alexander Opitz <opitz.alexander@googlemail.com> Tested-by:
Benni Mack <benni@typo3.org> Reviewed-by:
Showing
- typo3/sysext/core/Documentation/Changelog/master/Breaking-69227-StringsForLikeAreNotProperlyEscaped.rst 34 additions, 0 deletions...er/Breaking-69227-StringsForLikeAreNotProperlyEscaped.rst
- typo3/sysext/indexed_search/Classes/Controller/SearchFormController.php 24 additions, 14 deletions...ndexed_search/Classes/Controller/SearchFormController.php
- typo3/sysext/indexed_search/Classes/Domain/Repository/IndexSearchRepository.php 21 additions, 21 deletions...earch/Classes/Domain/Repository/IndexSearchRepository.php
- typo3/sysext/indexed_search/Classes/Utility/LikeWildcard.php 59 additions, 0 deletionstypo3/sysext/indexed_search/Classes/Utility/LikeWildcard.php
- typo3/sysext/indexed_search/Tests/Unit/Utility/LikeWildcardTest.php 112 additions, 0 deletions...xt/indexed_search/Tests/Unit/Utility/LikeWildcardTest.php
Loading
Please register or sign in to comment