From 005dc8e9eccc6ea35264064ae09e2e84af8d5b59 Mon Sep 17 00:00:00 2001
From: Julio Montoya
Date: Fri, 28 May 2021 09:09:43 +0200
Subject: [PATCH] Fix database field from 1.11.x
https://github.com/chamilo/chamilo-lms/commit/f7f93579ed64765c2667910b9c24d031b0a00571
---
 public/main/inc/ajax/model.ajax.php | 16 ++++++----------
 public/main/inc/lib/database.lib.php | 5 +++++
 public/main/inc/lib/extra_field.lib.php | 18 +++++++++++-------
 3 files changed, 22 insertions(+), 17 deletions(-)
diff --git a/public/main/inc/ajax/model.ajax.php b/public/main/inc/ajax/model.ajax.php
index a1599f5023..4e491dbed9 100644
--- a/public/main/inc/ajax/model.ajax.php
+++ b/public/main/inc/ajax/model.ajax.php
@@ -109,6 +109,8 @@ function getWhereClause($col, $oper, $val)
 'nc' => 'NOT LIKE', //doesn't contain
 ];
+ $col = Database::escapeField($col);
+
 if (empty($col)) {
 return '';
 }
@@ -1442,8 +1444,9 @@ switch ($action) {
 }
 $whereCondition = " AND $whereCondition ";
+ $columnOrderValidList = array_merge(['firstname', 'lastname'], $columns);
+ $sidx = in_array($sidx, $columnOrderValidList) ? $sidx : 'title';
- $sidx = in_array($sidx, $columns) ? $sidx : 'title';
 $result = get_work_user_list(
 $start,
 $limit,
@@ -2505,18 +2508,11 @@ switch ($action) {
 }
 $result = $obj->getUserGroupNotInCourse(
 $options,
- $groupFilter,
- false,
- true
+ $groupFilter
 );
 break;
 case 'registered':
- $result = $obj->getUserGroupInCourse(
- $options,
- $groupFilter,
- false,
- true
- );
+ $result = $obj->getUserGroupInCourse($options, $groupFilter);
 break;
 }
diff --git a/public/main/inc/lib/database.lib.php b/public/main/inc/lib/database.lib.php
index 1f91be98ae..06a377bb8b 100644
--- a/public/main/inc/lib/database.lib.php
+++ b/public/main/inc/lib/database.lib.php
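Review bot: The added `$col = Database::escapeField($col);` only restricts which characters $col may contain; it does not check that $col names a column this grid is meant to expose, so a request can still filter on any column of the joined tables, and a WHERE on a sensitive column (a password hash, a token) becomes a comparison oracle. The stronger control is the one the 1442 hunk already uses for sorting — an allow-list of column names — so, where the caller can supply one, add `if (!in_array($col, $allowedColumns, true)) { return ''; }` ahead of the existing `empty($col)` guard. getWhereClause's body continues outside the hunk and the per-action column lists are not visible here.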
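Review bot: The new `in_array($sidx, $columnOrderValidList)` is a loose comparison; pass the strict flag so only an exact string from the list is accepted: `$sidx = in_array($sidx, $columnOrderValidList, true) ? $sidx : 'title';`. Since $sidx presumably ends up interpolated into an ORDER BY inside get_work_user_list (not visible in this diff), this allow-list is the only control on it, and the contents of `$columns` are also outside the hunk, so it is worth a comment on the added line saying the list must stay limited to real column names of that query.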
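Review bot: Dropping the third and fourth arguments (`false, true`) from both getUserGroupNotInCourse() and getUserGroupInCourse() changes what those methods receive, while the commit title only talks about field escaping. Their signatures are not in this diff; if those parameters have defaults other than false and true (or no defaults at all), this silently changes the query or fails with an argument-count error. Either keep the explicit arguments or state in the commit message why the defaults are now the intended values.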
@@ -751,4 +751,9 @@ class Database
 {
 return self::getManager()->getConnection()->getSchemaManager()->listTableColumns($table);
 }
+
+ public static function escapeField($field)
+ {
+ return self::escape_string(preg_replace("/[^a-zA-Z0-9_]/", '', $field));
+ }
 }
diff --git a/public/main/inc/lib/extra_field.lib.php b/public/main/inc/lib/extra_field.lib.php
index 2dc244cb00..7087063334 100644
--- a/public/main/inc/lib/extra_field.lib.php
+++ b/public/main/inc/lib/extra_field.lib.php
@@ -1584,7 +1584,7 @@ class ExtraField extends Model
 if ($freezeElement) {
 $form->freeze('extra_'.$variable);
 }
- break;
+ break;
 case self::FIELD_TYPE_FILE:
 $fieldVariable = "extra_{$variable}";
 $fieldTexts = [
@@ -2608,6 +2608,7 @@ JAVASCRIPT;
 }
 } else {
 // Extra fields
+ $ruleField = Database::escapeField($rule->field);
 if (false === strpos($rule->field, '_second')) {
 //No _second
 $original_field = str_replace($stringToSearch, '', $rule->field);
@@ -2630,7 +2631,7 @@ JAVASCRIPT;
 $conditionArray[] = ' ('
 .$this->get_where_clause($rule->field, $rule->op, $rule->data)
 .') ';
- $extraFields[] = ['field' => $rule->field, 'id' => $field_option['id']];
+ $extraFields[] = ['field' => $ruleField, 'id' => $field_option['id']];
 }
 break;
 case self::FIELD_TYPE_TAG:
@@ -2639,10 +2640,11 @@ JAVASCRIPT;
 break;
 }
+ // Where will be injected in the parseConditions()
 //$where = $this->get_where_clause($rule->field, $rule->op, $rule->data, 'OR');
 //$conditionArray[] = " ( $where ) ";
 $extraFields[] = [
- 'field' => $rule->field,
+ 'field' => $ruleField,
 'id' => $field_option['id'],
 'data' => $rule->data,
 ];
@@ -2656,7 +2658,7 @@ JAVASCRIPT;
 $where = $this->get_where_clause($rule->field, $rule->op, $rule->data, 'OR');
 $conditionArray[] = " ( $where ) ";
 $extraFields[] = [
- 'field' => $rule->field,
+ 'field' => $ruleField,
 'id' => $field_option['id'],
 'data' => $rule->data,
 ];
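Review bot: The new escapeField() strips offending characters instead of rejecting the value, so `user; DROP` becomes `userDROP` and an injection attempt is quietly turned into a query on a different column, while both call sites in this patch (getWhereClause and get_where_clause) only react to an empty result. Match the whole input against the identifier pattern and return '' on any mismatch so those `empty($col)` guards actually fire; that also avoids passing preg_replace()'s null (returned on a PCRE error) into escape_string(). escape_string() on a value already limited to [A-Za-z0-9_] does nothing and is kept only for consistency with the rest of the class; identifier safety should ultimately come from an allow-list of column names per query, which this helper cannot provide on its own. The method also needs a docblock, which the rewrite below supplies.
```php
    /**
     * Reduce $field to a bare SQL identifier for use in a column position.
     *
     * Returns '' when $field contains anything outside [A-Za-z0-9_], so the
     * empty() guards in the callers refuse the value instead of querying a
     * silently altered column name.
     *
     * @param string $field
     *
     * @return string
     */
    public static function escapeField($field)
    {
        $field = (string) $field;
        if (1 !== preg_match('/^[a-zA-Z0-9_]+$/', $field)) {
            return '';
        }

        return self::escape_string($field);
    }
```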
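Review bot: $ruleField is computed on the added line, but the rest of the branch keeps working from the raw `$rule->field` (the `strpos` and `str_replace` on the next lines, and the get_where_clause calls in the later hunks), so when escapeField() drops characters the option lookup and the SQL alias stored in $extraFields no longer refer to the same name, and an all-invalid field yields an alias of '' that is later interpolated as `… as {$extra['field']}, `. Bail out as soon as the escaped value differs from the input, e.g. `if ('' === $ruleField || $ruleField !== $rule->field) { break; }` right after the added line, using whichever of `break`/`continue` fits the construct that encloses this block — it starts outside the hunk, so I cannot tell whether it is a switch case or a loop body.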
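Review bot: The added comment `// Where will be injected in the parseConditions()` reads as if a variable named Where is injected; since it exists to explain why the two commented-out lines under it are dead, say that, e.g. `// The WHERE fragment for this rule is built later by parseConditions() from $extraFields, so nothing is added to $conditionArray here.` — assuming that is what parseConditions() does, which is outside this diff. With that explained, the two commented-out `$where`/`$conditionArray[]` lines can simply be deleted rather than annotated.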
@@ -2668,7 +2670,7 @@ JAVASCRIPT;
 $original_field = str_replace($stringToSearch, '', $my_field);
 $field_option = $this->get_handler_field_info_by_field_variable($original_field);
 $extraFields[] = [
- 'field' => $rule->field,
+ 'field' => $ruleField,
 'id' => $field_option['id'],
 ];
 }
@@ -2689,6 +2691,8 @@ JAVASCRIPT;
 */
 public function get_where_clause($col, $oper, $val, $conditionBetweenOptions = 'OR')
 {
+ $col = Database::escapeField($col);
+
 if (empty($col)) {
 return '';
 }
@@ -2755,7 +2759,7 @@ JAVASCRIPT;
 $inject_extra_fields .= " fvo$counter.display_text as {$extra['field']}, ";
 break;
 case self::FIELD_TYPE_TAG:
- //$inject_extra_fields .= " tag$counter.tag as {$extra['field']}, ";
+ // If using OR
 // If using AND
 $newCounter = 1;
 $fields = [];
@@ -3201,7 +3205,7 @@ JAVASCRIPT;
 );
 if (empty($defaultValueId)) {
- $slct->addOption(get_lang('Please select an option'), '');
+ $slct->addOption(get_lang('Please select an option'));
 }
 foreach ($options as $value => $text) {
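Review bot: escapeField() removes '.' as well as SQL metacharacters, so a qualified column such as `u.firstname` or `fv1.field_value` passed as $col comes back as `ufirstname` and the clause either fails or targets the wrong column; whether any caller of get_where_clause passes qualified names is not visible here, but the method's docblock (its closing `*/` is the first context line of this hunk) should now state the new contract. E.g. add `@param string $col bare column name; characters outside [A-Za-z0-9_] are stripped before use` and note in the `@return` that '' is returned for an empty or rejected column. The method body continues outside the hunk, so how $val is escaped cannot be checked from this diff.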
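Review bot: Removing the explicit '' from `$slct->addOption(get_lang('Please select an option'))` makes the placeholder option's value whatever addOption() defaults to, and this diff does not show that default; if it is the label text rather than '', submitting the form with nothing chosen posts a non-empty value and any `empty()` check on the field downstream stops catching it. Keep `''` as the explicit value, or confirm the default is '' and say so in the commit message, since this change is unrelated to the field-escaping fix the title describes.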