aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--lib/private/User/Database.php6
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/private/User/Database.php b/lib/private/User/Database.php
index a281572ad55..060953c3009 100644
--- a/lib/private/User/Database.php
+++ b/lib/private/User/Database.php
@@ -185,8 +185,8 @@ class Database extends Backend implements IUserBackend {
$parameters = [];
$searchLike = '';
if ($search !== '') {
- $parameters[] = '%' . $search . '%';
- $parameters[] = '%' . $search . '%';
+ $parameters[] = '%' . \OC::$server->getDatabaseConnection()->escapeLikeParameter($search) . '%';
+ $parameters[] = '%' . \OC::$server->getDatabaseConnection()->escapeLikeParameter($search) . '%';
$searchLike = ' WHERE LOWER(`displayname`) LIKE LOWER(?) OR '
. 'LOWER(`uid`) LIKE LOWER(?)';
}
@@ -275,7 +275,7 @@ class Database extends Backend implements IUserBackend {
$parameters = [];
$searchLike = '';
if ($search !== '') {
- $parameters[] = '%' . $search . '%';
+ $parameters[] = '%' . \OC::$server->getDatabaseConnection()->escapeLikeParameter($search) . '%';
$searchLike = ' WHERE LOWER(`uid`) LIKE LOWER(?)';
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-10 19:56:57 +0000