Cavemanon/piratepoet
7
Fork 0
Code Pull Requests Actions Releases 16 Activity

Refactor search string escaping to a helper function

Browse Source 
[MAILPOET-3077]
This commit is contained in:
Rostislav Wolny
2020-09-24 15:14:28 +02:00
committed by Veljko V
parent cd5079efda
commit d026517ed9
5 changed files with 21 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/Newsletter/Listing/NewsletterListingRepository.php
View File

@ -5,6 +5,7 @@ namespace MailPoet\Newsletter\Listing;
use MailPoet\Entities\NewsletterEntity;
use MailPoet\Listing\ListingDefinition;
use MailPoet\Listing\ListingRepository;
use MailPoet\Util\Helpers;
use MailPoet\WP\Functions as WPFunctions;
use MailPoetVendor\Doctrine\ORM\QueryBuilder;
@ -202,7 +203,7 @@ class NewsletterListingRepository extends ListingRepository {
}
protected function applySearch(QueryBuilder $queryBuilder, string $search) {
$search = str_replace(['\\', '%', '_'], ['\\\\', '\\%', '\\_'], $search); // escape for 'LIKE'
$search = Helpers::escapeSearch($search);
$queryBuilder
->andWhere('n.subject LIKE :search')
->setParameter('search', "%$search%");