Escape the search terms on the server
Signed-off-by: Joas Schilling <coding@schilljs.com>
This commit is contained in:
parent
d4771be2c0
commit
cfa6c7cb71
|
@ -138,11 +138,15 @@ class Manager implements IManager {
|
|||
$query->expr()->eq('a.user_id', $query->createNamedParameter($userId, IQueryBuilder::PARAM_STR))
|
||||
)
|
||||
)
|
||||
->where($query->expr()->iLike('c.name', $query->createNamedParameter($filter, IQueryBuilder::PARAM_STR)))
|
||||
->andWhere($query->expr()->eq('a.access', $query->createNamedParameter(1, IQueryBuilder::PARAM_INT)))
|
||||
->where($query->expr()->eq('a.access', $query->createNamedParameter(1, IQueryBuilder::PARAM_INT)))
|
||||
->orderBy('c.id')
|
||||
->setMaxResults($limit)
|
||||
->setFirstResult($start);
|
||||
|
||||
if ($filter !== '') {
|
||||
$query->where($query->expr()->iLike('c.name', $query->createNamedParameter('%' . $this->connection->escapeLikeParameter($filter) . '%')));
|
||||
}
|
||||
|
||||
$result = $query->execute();
|
||||
$collections = [];
|
||||
|
||||
|
|
Loading…
Reference in New Issue