Properly escape underscore in db query

Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com> Signed-off-by: Carl Schwan <carl@carlschwan.eu>
author: Carl Schwan <carl@carlschwan.eu> 2022-10-13 18:50:36 +0200
committer: GitHub <noreply@github.com> 2022-10-13 18:50:36 +0200
commit: f8453df98e7a6c802238ba73e5a7adc7000a9095 (patch)
tree: 819971c9a4070659703a0f4e32521e760a35c420 /apps
parent: 8c95e46744e03a528a2944cce40e6e189b1c1d0a (diff)
download: nextcloud-server-f8453df98e7a6c802238ba73e5a7adc7000a9095.tar.gz
nextcloud-server-f8453df98e7a6c802238ba73e5a7adc7000a9095.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/apps/user_status/lib/Db/UserStatusMapper.php b/apps/user_status/lib/Db/UserStatusMapper.php
index cb7ad5392db..d40c6a29860 100644
--- a/apps/user_status/lib/Db/UserStatusMapper.php
+++ b/apps/user_status/lib/Db/UserStatusMapper.php
@@ -83,7 +83,7 @@ class UserStatusMapper extends QBMapper {
 					$qb->expr()->isNotNull('custom_icon'),
 					$qb->expr()->isNotNull('custom_message'),
 				),
-				$qb->expr()->notLike('user_id', $qb->createNamedParameter('\_%'))
+				$qb->expr()->notLike('user_id', $qb->createNamedParameter($this->db->escapeLikeParameter('_') . '%'))
 			));
 
 		if ($limit !== null) {
author	Carl Schwan <carl@carlschwan.eu>	2022-10-13 18:50:36 +0200
committer	GitHub <noreply@github.com>	2022-10-13 18:50:36 +0200
commit	f8453df98e7a6c802238ba73e5a7adc7000a9095 (patch)
tree	819971c9a4070659703a0f4e32521e760a35c420 /apps
parent	8c95e46744e03a528a2944cce40e6e189b1c1d0a (diff)
download	nextcloud-server-f8453df98e7a6c802238ba73e5a7adc7000a9095.tar.gz nextcloud-server-f8453df98e7a6c802238ba73e5a7adc7000a9095.zip