From bfc34dc5b61be15b1d3eea7adf651bf9390bc6ad Mon Sep 17 00:00:00 2001
From: =?utf8?q?St=C3=A9phane=20Jacob?=
Date: Sat, 5 Nov 2011 18:13:34 +0100
Subject: [PATCH] Fixes security issue in User::getLogin introduced in 7de5cd885589022b78b29d7881ec9922408339d6.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit
Signed-off-by: Stéphane Jacob
---
 classes/user.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/classes/user.php b/classes/user.php
index a0b28ea..7723c3f 100644
--- a/classes/user.php
+++ b/classes/user.php
@@ -83,10 +83,10 @@ class User extends PlUser
 }
 // Checks whether $login is a valid hruid or not.
-$res = XDB::query("SELECT uid
+$res = XDB::query('SELECT uid
 FROM accounts
-WHERE hruid LIKE CONCAT('%', {?}, '%')", $login);
-if ($res->numRows()) {
+WHERE hruid' . XDB::formatWildcards(XDB::WILDCARD_CONTAINS, $login));
+if ($res->numRows() == 1) {
 return $res->fetchOneCell();
 }
-- 
2.1.4
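Review bot: The rewritten query still resolves `$login` by substring (`XDB::WILDCARD_CONTAINS`), so a login that is a proper substring of exactly one hruid is accepted as that account, and the new `numRows() == 1` guard only rejects the ambiguous case, not the wrong-account one. The comment above the query says it checks whether `$login` is a valid hruid, which reads as an equality test; writing it as `WHERE hruid = {?}', $login);` (inside the same single-quoted SQL string) would make the check exact and would also remove any dependence on how `XDB::formatWildcards` escapes user-supplied `%` and `_`, which this hunk does not show. If the substring match is deliberate, the comment should say so and why, e.g. `// Accept a partial hruid only when it identifies exactly one account.` `User::getLogin` begins and ends outside this hunk, so any earlier resolution steps in the method were not reviewed here.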