open-dsi
/
nextcloud-server
mirror of https://github.com/nextcloud/server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Properly escape underscore in db query

Browse Source 
Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com>
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
pull/34569/head
Carl Schwan 3 years ago committed by GitHub
parent 8c95e46744
commit f8453df98e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      apps/user_status/lib/Db/UserStatusMapper.php

2
apps/user_status/lib/Db/UserStatusMapper.php
Unescape View File

@ -83,7 +83,7 @@ class UserStatusMapper extends QBMapper {
$qb->expr()->isNotNull('custom_icon'),
$qb->expr()->isNotNull('custom_message'),
),
$qb->expr()->notLike('user_id', $qb->createNamedParameter('\_%'))
$qb->expr()->notLike('user_id', $qb->createNamedParameter($this->db->escapeLikeParameter('_') . '%'))
));
if ($limit !== null) {

Write Preview
Loading…
Cancel
Save