Author: dordille Date: 2010-02-25 20:44:55 +0100 (Thu, 25 Feb 2010) New Revision: 28299
Modified: plugins/pkToolkitPlugin/trunk/data/generator/sfDoctrineModule/pkAdmin/parts/sortingAction.php Log: Fix for custom admin generator theme to address security problem found in symfony 1.2, 1.3, and 1.4. Remember to cc to rebuild admin cache. Refer to http://www.symfony-project.org/blog/2010/02/25/security-release-1-2-12-1-3-3-and-1-4-3 for more details. Modified: plugins/pkToolkitPlugin/trunk/data/generator/sfDoctrineModule/pkAdmin/parts/sortingAction.php =================================================================== --- plugins/pkToolkitPlugin/trunk/data/generator/sfDoctrineModule/pkAdmin/parts/sortingAction.php 2010-02-25 19:39:38 UTC (rev 28298) +++ plugins/pkToolkitPlugin/trunk/data/generator/sfDoctrineModule/pkAdmin/parts/sortingAction.php 2010-02-25 19:44:55 UTC (rev 28299) @@ -4,6 +4,11 @@ { return; } + + if (!in_array(strtolower($sort[1]), array('asc', 'desc'))) + { + $sort[1] = 'asc'; + } $query->addOrderBy($sort[0] . ' ' . $sort[1]); }
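Review bot: on the `$query->addOrderBy($sort[0] . ' ' . $sort[1]);` line, `$sort[0]` is still concatenated into the ORDER BY clause with no check in the visible lines, while only `$sort[1]` gets the whitelist added just above it. If the column name is not already validated before this point (the hunk does not show it), compare it against the model's known column names here as well and return early when it does not match. A smaller point: the new condition tests `strtolower($sort[1])` but leaves the original-case value in place when it passes, so assigning the lowercased value back to `$sort[1]` would make the direction that reaches the query unambiguous.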
