This repository has been archived by the owner on Jan 8, 2020. It is now read-only.
Db\Sql\Select.php processJoins quote identifier error #7222
Comments
|
I can confirm this bug. |
andrevus
added a commit
to andrevus/zf2
that referenced
this issue
Feb 27, 2015
weierophinney
added a commit
that referenced
this issue
Mar 10, 2015
#7222 processJoins quote identifier error fix
|
Fixed with #7275 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
The processJoins method is calling quoteIdentifierInFragment with an array of safeWords.
In the list of safeWords the AND, OR and BETWEEN should be surrounded by spaces (or whitespaces).
Otherwise the return string may be compromised. Here is an example from SpekCommerce :
input - catalog_category_website.category_id = catalog_category.category_id
output -
catalog_category_website.category_id=catalog_category.category_idthe line:
: $platform->quoteIdentifierInFragment($join['on'], array('=', 'AND', 'OR', '(', ')', 'BETWEEN', '<', '>'));
should be replaced by:
: $platform->quoteIdentifierInFragment($join['on'], array('=', ' AND ', ' OR ', '(', ')', ' BETWEEN ', '<', '>'));
The text was updated successfully, but these errors were encountered: