fix(sec): Fix SQL injection in Curve template

* Fix SQL injection in curve template search field

fix(sec): Fix SQL injection in Curve template
810092ae · Maximilien Bersoult · Stephane Chapron · 7080bf93 · 810092ae
Commit 810092ae authored Apr 30, 2018 by Maximilien Bersoult Committed by Stephane Chapron Jun 6, 2018
--- a/www/include/views/componentTemplates/listComponentTemplates.php
+++ b/www/include/views/componentTemplates/listComponentTemplates.php
@@ -43,7 +43,7 @@ $SearchTool = null;
 $search = '';
 if (isset($_POST['searchCurve']) && $_POST['searchCurve']) {
    $search = $_POST['searchCurve'];
-    $SearchTool = " WHERE name LIKE '%".$search."%'";
+    $SearchTool = " WHERE name LIKE '%" . $pearDB->escape($search) . "%'";
 }

 $DBRESULT = $pearDB->query("SELECT COUNT(*) FROM giv_components_template".$SearchTool);
@@ -163,7 +163,7 @@ $o2 = $form->getElement('o2');
 $o2->setValue(null);

 $tpl->assign('limit', $limit);
-$tpl->assign('searchCurve', $search);
+$tpl->assign('searchCurve', htmlentities($search));

 /*
 * Apply a template definition