Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

FIX SQL injection

Browse Source
This commit is contained in:
Laurent Destailleur
2017-09-06 18:17:57 +02:00
parent 032f54dd1a
commit 33e2179b65
7 changed files with 27 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/core/lib/functions.lib.php
View File

@@ -6199,6 +6199,8 @@ function natural_search($fields, $value, $mode=0, $nofirstand=0)
{
global $db,$langs;
$value=trim($value);
if ($mode == 0)
{
$value=preg_replace('/\*/','%',$value); // Replace * with %