Allow Underscore char in orderBy/groupBy filter as its a legit symbol in names

b9a5c77b · Alexander Butenko · 58938e24 · b9a5c77b
Commit b9a5c77b authored May 09, 2014 by Alexander Butenko
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

MysqliDb.php MysqliDb.php +2 -2

No files found.
--- a/MysqliDb.php
+++ b/MysqliDb.php
@@ -339,7 +339,7 @@ class MysqliDb
    {
        $allowedDirection = Array ("ASC", "DESC");
        $orderbyDirection = strtoupper (trim ($orderbyDirection));
-        $orderByField = preg_replace ("/[^-a-z0-9\.\(\),]+/i",'', $orderByField);
+        $orderByField = preg_replace ("/[^-a-z0-9\.\(\),_]+/i",'', $orderByField);

        if (empty($orderbyDirection) || !in_array ($orderbyDirection, $allowedDirection))
            die ('Wrong order direction: '.$orderbyDirection);
@@ -359,7 +359,7 @@ class MysqliDb
     */
    public function groupBy($groupByField)
    {
-        $groupByField = preg_replace ("/[^-a-z0-9\.\(\),]+/i",'', $groupByField);
+        $groupByField = preg_replace ("/[^-a-z0-9\.\(\),_]+/i",'', $groupByField);

        $this->_groupBy[] = $groupByField;
        return $this;