aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSunil Joshi <joshi_sunil@in.com>2012-10-14 20:03:17 +0200
committerFrédéric Buclin <LpSolit@gmail.com>2012-10-14 20:03:17 +0200
commit9048c371060791a46e117a580bd53a2db2602145 (patch)
tree889613f2dfe9c9addeefce4bfe8a829f4f15fed1
parentbb704999e46a4d4fb68e22c5b4672d5461362f33 (diff)
downloadbugs-9048c371060791a46e117a580bd53a2db2602145.tar
bugs-9048c371060791a46e117a580bd53a2db2602145.tar.gz
bugs-9048c371060791a46e117a580bd53a2db2602145.tar.bz2
bugs-9048c371060791a46e117a580bd53a2db2602145.tar.xz
bugs-9048c371060791a46e117a580bd53a2db2602145.zip
Bug 163890: editusers.cgi incorrectly treats "_" (underscore) as a wildcard
r/a=LpSolit
-rwxr-xr-xeditusers.cgi3
1 files changed, 1 insertions, 2 deletions
diff --git a/editusers.cgi b/editusers.cgi
index 30a747ded..12f7a548d 100755
--- a/editusers.cgi
+++ b/editusers.cgi
@@ -146,8 +146,7 @@ if ($action eq 'search') {
} elsif ($matchtype eq 'exact') {
$query .= $expr . ' = ?';
} else { # substr or unknown
- $query .= $dbh->sql_istrcmp($expr, '?', 'LIKE');
- $matchstr = "%$matchstr%";
+ $query .= $dbh->sql_iposition('?', $expr) . ' > 0';
}
$nextCondition = 'AND';
push(@bindValues, $matchstr);