public function applyFilter(DatabaseObjectList $list, string $id, string $value): void
{
$list->getConditionBuilder()->add("($id LIKE ? OR $id IN (SELECT languageItem FROM wcf1_language_item WHERE languageID = ? AND languageItemValue LIKE ?))", [
- '%' . $value . '%',
+ '%' . WCF::getDB()->escapeLikeValue($value) . '%',
WCF::getLanguage()->languageID,
- '%' . $value . '%'
+ '%' . WCF::getDB()->escapeLikeValue($value) . '%'
]);
}
}
use wcf\data\DatabaseObjectList;
use wcf\system\form\builder\field\AbstractFormField;
use wcf\system\form\builder\field\TextFormField;
+use wcf\system\WCF;
/**
* Filter for text columns.
#[\Override]
public function applyFilter(DatabaseObjectList $list, string $id, string $value): void
{
- $list->getConditionBuilder()->add("$id LIKE ?", ['%' . $value . '%']);
+ $list->getConditionBuilder()->add("$id LIKE ?", ['%' . WCF::getDB()->escapeLikeValue($value) . '%']);
}
#[\Override]
projects / GitHub / WoltLab / WCF.git / commitdiff