From 0caae06a2d0eaa1e40b719853b69b261db758d0c Mon Sep 17 00:00:00 2001
From: Yannick Warnier <ywarnier@beeznest.org>
Date: Wed, 21 Oct 2015 12:08:12 -0500
Subject: [PATCH] Escape group title and description in migration process -
 refs CT#7909

---
 main/install/install.lib.php | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/main/install/install.lib.php b/main/install/install.lib.php
index dd2b7cbc6be..ddd7c6f03aa 100755
--- a/main/install/install.lib.php
+++ b/main/install/install.lib.php
@@ -2350,6 +2350,8 @@ function fixIds(EntityManager $em)
 
     if (!empty($groups )) {
         foreach ($groups as $group) {
+            $group['description'] = Database::escape_string($group['description']);
+            $group['name'] = Database::escape_string($group['name']);
             $sql = "INSERT INTO usergroup (name, group_type, description, picture, url, visibility, updated_at, created_at)
                     VALUES ('{$group['name']}', '1', '{$group['description']}', '{$group['picture_uri']}', '{$group['url']}', '{$group['visibility']}', '{$group['updated_on']}', '{$group['created_on']}')";