From a0f687058d561074ee10435590e5afa276662986 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A9=20Noack?= <noack@data-quest.de>
Date: Thu, 13 Oct 2022 09:42:46 +0000
Subject: [PATCH] =?UTF-8?q?Resolve=20#1666=20"Ank=C3=BCndigungen:=20SQL=20?=
=?UTF-8?q?Fehler=20bei=20der=20Suche=20nach=20weiteren=20Bereichen"?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Closes #1666
Merge request studip/studip!1072
---
lib/classes/forms/NewsRangesInput.php | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/classes/forms/NewsRangesInput.php b/lib/classes/forms/NewsRangesInput.php
index 212cfa6f4f1..000c716782c 100644
--- a/lib/classes/forms/NewsRangesInput.php
+++ b/lib/classes/forms/NewsRangesInput.php
@@ -16,10 +16,10 @@ class NewsRangesInput extends Input
}
}
if ($GLOBALS['perm']->have_perm('root')) {
- $sql .= "UNION SELECT * FROM (SELECT BINARY 'studip__home' AS `range_id`, '"._('Stud.IP-Startseite')."' AS `name`) as tmp_global_table WHERE `name` LIKE :input ";
+ $sql .= "UNION SELECT * FROM (SELECT CAST('studip__home' AS BINARY) AS `range_id`, '"._('Stud.IP-Startseite')."' AS `name`) as tmp_global_table WHERE `name` LIKE :input ";
$sql .= "UNION SELECT CONCAT(`user_id`, '__person') AS `range_id`, CONCAT(`Vorname`, ' ', `Nachname`) AS `name` FROM `auth_user_md5` WHERE CONCAT(`Vorname`, ' ', `Nachname`) LIKE :input ";
} else {
- $sql .= "UNION SELECT * FROM (SELECT '".\User::findCurrent()->id."__person' AS `range_id`, '".\addslashes(\User::findCurrent()->getFullName()." - "._('Profilseite'))."' AS `name`) as tmp_user_table WHERE `name` LIKE :input ";
+ $sql .= "UNION SELECT * FROM (SELECT CAST('".\User::findCurrent()->id."__person' AS BINARY) AS `range_id`, '".\addslashes(\User::findCurrent()->getFullName()." - "._('Profilseite'))."' AS `name`) as tmp_user_table WHERE `name` LIKE :input ";
}
$searchtype = new \SQLSearch($sql, _('Bereich suchen'));
$items = [];
--
GitLab