From a7f6e91ac03baeadeacaeff9d34a57ec1cc6e466 Mon Sep 17 00:00:00 2001 From: Jerome Nadaud Date: Mon, 19 Aug 2013 10:35:43 +0200 Subject: [PATCH] [-] BO : FixBug #PSCFV-9329 Alias problem in order by --- classes/Validate.php | 2 +- classes/controller/AdminController.php | 5 ++--- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/classes/Validate.php b/classes/Validate.php index bce881555..fa4a4872d 100644 --- a/classes/Validate.php +++ b/classes/Validate.php @@ -592,7 +592,7 @@ class ValidateCore */ public static function isOrderBy($order) { - return preg_match('/^[a-zA-Z0-9._-]+$/', $order); + return preg_match('/^[a-zA-Z0-9.!_-]+$/', $order); } /** diff --git a/classes/controller/AdminController.php b/classes/controller/AdminController.php index e36804246..537c377f2 100644 --- a/classes/controller/AdminController.php +++ b/classes/controller/AdminController.php @@ -2149,15 +2149,14 @@ class AdminControllerCore extends Controller /* Cache */ $this->_lang = (int)$id_lang; + $this->_orderBy = $order_by; if (preg_match('/[.!]/', $order_by)) { $order_by_split = preg_split('/[.!]/', $order_by); $order_by = pSQL($order_by_split[0]).'.`'.pSQL($order_by_split[1]).'`'; - $this->_orderBy = (isset($order_by_split) && isset($order_by_split[1])) ? $order_by_split[1] : $order_by; } - else - $this->_orderBy = $order_by; + $this->_orderWay = Tools::strtoupper($order_way); /* SQL table : orders, but class name is Order */