projects / civicrm-core.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
copyright and version fixes
[civicrm-core.git] / CRM / Contact / Form / Search / Custom / Base.php
diff --git a/CRM/Contact/Form/Search/Custom/Base.php b/CRM/Contact/Form/Search/Custom/Base.php
index 85ff59ec795c69698818581d8b6996da612bc3cc..fd2227cb97d033ab09bb48cb8b6c7c7ffbcf7230 100644 (file)
--- a/CRM/Contact/Form/Search/Custom/Base.php
+++ b/CRM/Contact/Form/Search/Custom/Base.php
@@ -1,7 +1,7 @@
 <?php
 /*
  +--------------------------------------------------------------------+
- | CiviCRM version 4.3                                                |
+ | CiviCRM version 4.4                                                |
  +--------------------------------------------------------------------+
  | Copyright CiviCRM LLC (c) 2004-2013                                |
  +--------------------------------------------------------------------+
@@ -124,6 +124,7 @@ class CRM_Contact_Form_Search_Custom_Base {
   function addSortOffset(&$sql, $offset, $rowcount, $sort) {
     if (!empty($sort)) {
       if (is_string($sort)) {
+        $sort = CRM_Utils_Type::escape($sort, 'String');
         $sql .= " ORDER BY $sort ";
       }
       else {
@@ -132,6 +133,9 @@ class CRM_Contact_Form_Search_Custom_Base {
     }
 
     if ($rowcount > 0 && $offset >= 0) {
+      $offset = CRM_Utils_Type::escape($offset, 'Int');
+      $rowcount = CRM_Utils_Type::escape($rowcount, 'Int');
+
       $sql .= " LIMIT $offset, $rowcount ";
     }
   }
@@ -170,4 +174,4 @@ class CRM_Contact_Form_Search_Custom_Base {
   function getQueryObj() {
     return NULL;
   }
-}
\ No newline at end of file
+}