Skip to content

Instantly share code, notes, and snippets.

@peterjaap

peterjaap/PRODSECBUG-2198-2.2-CE-2019-03-25-08-43-16-framework.patch

Last active March 29, 2019 19:11
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save peterjaap/433a07a08962ea8955e64b39c84cc4e3 to your computer and use it in GitHub Desktop.
Save peterjaap/433a07a08962ea8955e64b39c84cc4e3 to your computer and use it in GitHub Desktop.
Download ZIP
Magento 2.2 patch for PRODSECBUG-2198 in composer.patches.json format for magento/framework. See for magento/module-catalog https://gist.github.com/peterjaap/d7eaceb0e28e76cb92426a9defed0d9a
Raw
PRODSECBUG-2198-2.2-CE-2019-03-25-08-43-16-framework.patch
diff --git a/DB/Adapter/Pdo/Mysql.php b/DB/Adapter/Pdo/Mysql.php
index 1449d6d..38085a3 100644
--- a/DB/Adapter/Pdo/Mysql.php
+++ b/DB/Adapter/Pdo/Mysql.php
@@ -2904,7 +2904,7 @@ class Mysql extends \Zend_Db_Adapter_Pdo_Mysql implements AdapterInterface
if (isset($condition['to'])) {
$query .= empty($query) ? '' : ' AND ';
$to = $this->_prepareSqlDateCondition($condition, 'to');
- $query = $this->_prepareQuotedSqlCondition($query . $conditionKeyMap['to'], $to, $fieldName);
+ $query = $query . $this->_prepareQuotedSqlCondition($conditionKeyMap['to'], $to, $fieldName);
}
} elseif (array_key_exists($key, $conditionKeyMap)) {
$value = $condition[$key];
--
2.7.4
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment