amorfo77/sogo
1
0
Fork 0
mirror of https://github.com/inverse-inc/sogo.git synced 2026-05-21 11:25:24 +00:00
Code Issues Projects Releases Wiki Activity

See ChangeLog

Browse Source 
Monotone-Parent: 5cd36f9e514c2019e708362661b3ede2e8598fb8
Monotone-Revision: ae25610b2149f561f23ae34e0889a7197d4324c3

Monotone-Author: ludovic@Sophos.ca
Monotone-Date: 2010-03-25T01:20:06
Monotone-Branch: ca.inverse.sogo
This commit is contained in:
Ludovic Marcotte
2010-03-25 01:20:06 +00:00
parent 8dfaa80f36
commit 7c72b96b1e
2 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ChangeLog
+4
View File
@@ -9,6 +9,10 @@
(- _parseLine:) fixed incorrrect handling
of QP-encoded attributes.
* SoObjects/SOGo/SQLSource.m - we now properly
escape quotes for SQL parameters coming from
user's input.
2010-03-22 Ludovic Marcotte <lmarcotte@inverse.ca>
* SoObjects/Mailer/SOGoDraftObject.m - we strip
SoObjects/SOGo/SQLSource.m
+4
View File
@@ -184,6 +184,7 @@
rc = NO;
_login = [_login stringByReplacingString: @"'" withString: @"''"];
cm = [GCSChannelManager defaultChannelManager];
channel = [cm acquireOpenChannelForURL: _viewURL];
if (channel)
@@ -237,6 +238,7 @@
response = nil;
theID = [theID stringByReplacingString: @"'" withString: @"''"];
cm = [GCSChannelManager defaultChannelManager];
channel = [cm acquireOpenChannelForURL: _viewURL];
if (channel)
@@ -348,6 +350,8 @@
if (channel)
{
lowerFilter = [filter lowercaseString];
lowerFilter = [lowerFilter stringByReplacingString: @"'" withString: @"''"];
sql = [NSString stringWithFormat: (@"SELECT *"
@" FROM %@"
@" WHERE LOWER(c_cn) LIKE '%%%@%%'"