[TYPO3-core] RFC: Bug #15462: Wrong order of quote and escape in LIKE DB clause
Susanne Moog
info at susannemoog.de
Mon Sep 6 10:44:04 CEST 2010
On 05.09.2010 16:09, Marcus Krause wrote:
> Hi!
>
>
> This is a SVN patch request.
>
> Type: Bugfix
>
> Bugtracker references:
> http://bugs.typo3.org/view.php?id=15642
>
> Branches: TYPO3_4-2, TYPO3_4-3, TYPO3_4-4, Trunk
>
>
> Problem:
> Method SC_mod_tools_em_xmlhandler::searchExtensionsXML() allows to
> search for an extension key with a LIKE database clause. The order of
> applied quote and escape DB API methods is wrong.
+1 by reading and testing on trunk. I tested with adding a debug
statement to the function and searched for the extension "test%_/" in TER.
(When debugging pay attention to #15093)
Best regards,
Susanne
More information about the TYPO3-team-core
mailing list