Skip to content

Commit

Permalink
Merge pull request from GHSA-fvrf-9428-527m
Browse files Browse the repository at this point in the history 
Security Update for SQLi for Magento 2
  • Loading branch information
@mark-netalico
mark-netalico authored Apr 19, 2021
2 parents 56cf1f1 + 093a79b commit 368a585
Showing 1 changed file with 2 additions and 3 deletions.
5 changes: 2 additions & 3 deletions lib/Varien/Db/Adapter/Pdo/Mysql.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3001,9 +3001,8 @@ public function prepareSqlCondition($fieldName, $condition)
*/
protected function _prepareQuotedSqlCondition($text, $value, $fieldName)
{
$sql = $this->quoteInto($text, $value);
$sql = str_replace('{{fieldName}}', $fieldName, $sql);
return $sql;
$text = str_replace('{{fieldName}}', $fieldName, $text);
return $this->quoteInto($text, $value);

This comment has been minimized.

Sign in to view

Copy link
@luigifab

luigifab Apr 20, 2021

Contributor

You have break indentation 👮🏽‍♀️
}

/**
Expand Down

0 comments on commit 368a585

Please sign in to comment.