From: Seamus Lee
Date: Sun, 29 Mar 2020 20:55:14 +0000 (+1100)
Subject: Also escape when value starts with a [ and validate the negative operation as well
X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=cad7f02d49d7fa3552cc8be8d706e9de328346c3;p=civicrm-core.git

Also escape when value starts with a [ and validate the negative operation as well
---
diff --git a/CRM/Contact/BAO/Query.php b/CRM/Contact/BAO/Query.php
index 4ccb455f21..5a3d0167e6 100644
--- a/CRM/Contact/BAO/Query.php
+++ b/CRM/Contact/BAO/Query.php
@@ -4057,9 +4057,11 @@ WHERE $smartGroupClause
 }
 }
 if (strpbrk($value, "[")) {
- $value = "'{$value}'";
- $op = "!{$op}";
- $this->_where[$grouping][] = "contact_a.{$name} $op $value";
+ $value = CRM_Core_DAO::escapeString($value);
+ if (in_array("!{$op}", CRM_Core_DAO::acceptedSQLOperators(), TRUE)) {
+ $op = "!{$op}";
+ $this->_where[$grouping][] = "contact_a.{$name} $op $value";
+ }
 }
 else {
 CRM_Utils_Type::validate($value, 'Integer');
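Review bot: The new `$value = CRM_Core_DAO::escapeString($value);` line replaces the removed quoting, but the clause three lines below still interpolates `$value` bare, so the operand is no longer a SQL string literal; escaping only neutralises quote characters inside a quoted literal, and outside one the escaped text is still parsed as raw SQL (a bracket pattern such as `[0-9]` would simply be a syntax error). Unless escapeString() wraps its result in quotes, which it does not appear to from here, the clause should read `$this->_where[$grouping][] = "contact_a.{$name} $op '{$value}'";`. Separately, when `"!{$op}"` is not an accepted operator the branch now appends nothing to `$this->_where`, so the criterion silently disappears and the query runs without that restriction; rejecting the request (for example by throwing) would fail closed instead of open. The enclosing method starts and ends outside the hunk.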