Uploaded image for project: 'eZ Publish / Platform'
  1. eZ Publish / Platform
  2. EZP-21776

Simple FieldValue Criterion handler does not escape value when used with CONTAINS operator

    XMLWordPrintable

    Details

      Description

      When string value is given in a Criterion on a field handled by Simple value handler and using CONTAINS operator, invalid query is created resulting in PDO error.

      Solution: value needs to be bound (bindValue()).

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              petar.spanja@ez.no Petar Spanja (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 30 minutes
                  30m