Page 1 of 1

error in com_modules > models > positions.php

Posted: Fri Feb 02, 2018 12:00 pm
by d0tr0ngnghia
in file

\administrator\components\com_modules\models\positions.php

line 113
if ($search)
{
$search= $this->_db->quote('%' . str_replace(' ', '%', $this->_db->escape(trim($search), true) . '%'));
$query->where('position LIKE ' . $search); // $search MODIFIED *****
}


#must be ------------------------------------


if ($search)
{
$TMP_XYZ = $this->_db->quote('%' . str_replace(' ', '%', $this->_db->escape(trim($search), true) . '%'));
$query->where('position LIKE ' . $TMP_XYZ);
}


because preg_match line 177 use $search MODIFIED ===>>> preg_match = 0 all time.

Re: error in com_modules > models > positions.php

Posted: Fri Feb 02, 2018 12:25 pm
by fcoulter
Not a security issue. Please try to post in the correct forum.

You can report this to the Joomla issue tracker: https://issues.joomla.org/

At a quick glance I think I agree with your logic.