From bd9a3dd57d23bbe63886e0c5416a3c0045c8bf65 Mon Sep 17 00:00:00 2001
From: "Donald A. Lobo"
Date: Tue, 8 Oct 2013 13:23:55 +0100
Subject: [PATCH] CRM-13554
----------------------------------------
* CRM-13554: Improve string validation in the query engine
http://issues.civicrm.org/jira/browse/CRM-13554
---
 CRM/Contact/BAO/Query.php | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/CRM/Contact/BAO/Query.php b/CRM/Contact/BAO/Query.php
index ea7e41a501..d7d0271e25 100644
--- a/CRM/Contact/BAO/Query.php
+++ b/CRM/Contact/BAO/Query.php
@@ -3996,6 +3996,7 @@ civicrm_relationship.start_date > {$today}
 $sql .= ' GROUP BY contact_a.id';
 }
 if (!empty($sort)) {
+ $sort = CRM_Utils_Type::escape($sort, 'String');
 $sql .= " ORDER BY $sort ";
 }
 if ($row_count > 0 && $offset >= 0) {
@@ -4121,9 +4122,11 @@ civicrm_relationship.start_date > {$today}
 $orderBy = str_replace('sort_name', 'contact_a.sort_name', $orderBy);
 }
+ $orderBy = CRM_Utils_Type::escape($orderBy, 'String');
 $order = " ORDER BY $orderBy";
 if ($sortOrder) {
+ $sortOrder = CRM_Utils_Type::escape($sortOrder, 'String');
 $order .= " $sortOrder";
 }
--
2.25.1
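Review bot: Escaping `$sort` with `CRM_Utils_Type::escape($sort, 'String')` does not make the following `" ORDER BY $sort "` safe, because the value is interpolated bare as an identifier list rather than inside a quoted string literal, and string escaping only neutralises quote, backslash and control characters; a caller-controlled sort clause needs none of those to carry an arbitrary SQL expression into the query. The same gap applies to `$orderBy` in the hunk at 4121. A positive check is the right control here — restrict the value to column names or aliases with an optional direction, e.g. `if (!preg_match('/^[A-Za-z0-9_.]+(\s+(ASC|DESC))?(\s*,\s*[A-Za-z0-9_.]+(\s+(ASC|DESC))?)*$/i', $sort)) {` / `  throw new CRM_Core_Exception('Invalid sort clause');` / `}`, or better an allowlist of the columns this query actually exposes, which are not visible in the hunk. The enclosing method starts and ends outside the hunk.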
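Review bot: `$sortOrder` is a direction keyword, so string-escaping it is the wrong control; it is still appended bare in `$order .= " $sortOrder"` and only two literals are legitimate there. Normalise it against that allowlist instead of escaping, `$sortOrder = strtoupper(trim($sortOrder)) === 'DESC' ? 'DESC' : 'ASC';`, or reject any other value explicitly if silently defaulting to ASC would mask bugs in callers. The enclosing method starts and ends outside the hunk, and the visible lines fall short of the 9/11 counts in the `@@ -4121,9 +4122,11 @@` header, so trailing context appears to have been lost from this copy of the patch.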