From 1eeb80880c389bc375768e535f61cc29144832cc Mon Sep 17 00:00:00 2001 From: Johannes Meyer Date: Wed, 17 Jul 2024 16:53:41 +0200 Subject: [PATCH] SaveEventRuleForm: Escape `condition` by default --- application/forms/SaveEventRuleForm.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/application/forms/SaveEventRuleForm.php b/application/forms/SaveEventRuleForm.php index 64c68e7a..638a2662 100644 --- a/application/forms/SaveEventRuleForm.php +++ b/application/forms/SaveEventRuleForm.php @@ -225,7 +225,7 @@ public function addRule(array $config): int $db->insert('rule_escalation', [ 'rule_id' => $ruleId, 'position' => $position, - 'condition' => $escalationConfig['condition'] ?? null, + $db->quoteIdentifier('condition') => $escalationConfig['condition'] ?? null, 'name' => $escalationConfig['name'] ?? null, 'fallback_for' => $escalationConfig['fallback_for'] ?? null, 'changed_at' => $changedAt @@ -278,7 +278,7 @@ private function insertOrUpdateEscalations($ruleId, array $escalations, Connecti $db->insert('rule_escalation', [ 'rule_id' => $ruleId, 'position' => $position, - 'condition' => $escalationConfig['condition'] ?? null, + $db->quoteIdentifier('condition') => $escalationConfig['condition'] ?? null, 'name' => $escalationConfig['name'] ?? null, 'fallback_for' => $escalationConfig['fallback_for'] ?? null, 'changed_at' => $changedAt @@ -289,7 +289,7 @@ private function insertOrUpdateEscalations($ruleId, array $escalations, Connecti $escalationId = $escalationConfig['id']; $db->update('rule_escalation', [ 'position' => $position, - 'condition' => $escalationConfig['condition'] ?? null, + $db->quoteIdentifier('condition') => $escalationConfig['condition'] ?? null, 'name' => $escalationConfig['name'] ?? null, 'fallback_for' => $escalationConfig['fallback_for'] ?? null, 'changed_at' => $changedAt