From 20a5e25fe0e4657c19c092209012d186b33c9d10 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michal=20=C4=8Ciha=C5=99?= <michal@cihar.com>
Date: Wed, 25 Jan 2017 10:01:16 +0100
Subject: [PATCH] Fix navigation panel server side search
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Fixes #12923

Signed-off-by: Michal Čihař <michal@cihar.com>
---
 libraries/navigation/nodes/Node.php | 20 +++++---------------
 1 file changed, 5 insertions(+), 15 deletions(-)

diff --git a/libraries/navigation/nodes/Node.php b/libraries/navigation/nodes/Node.php
index c5ee89d9d8e8..f265fca2880a 100644
--- a/libraries/navigation/nodes/Node.php
+++ b/libraries/navigation/nodes/Node.php
@@ -424,9 +424,7 @@ public function getData($type, $pos, $searchClause = '')
             return $retval;
         }
 
-        $dbSeparator = $GLOBALS['dbi']->escapeString(
-            $GLOBALS['cfg']['NavigationTreeDbSeparator']
-        );
+        $dbSeparator = $GLOBALS['cfg']['NavigationTreeDbSeparator'];
         if (isset($GLOBALS['cfg']['Server']['DisableIS'])
             && !$GLOBALS['cfg']['Server']['DisableIS']
         ) {
@@ -436,7 +434,7 @@ public function getData($type, $pos, $searchClause = '')
             $query .= "SELECT DB_first_level ";
             $query .= "FROM ( ";
             $query .= "SELECT DISTINCT SUBSTRING_INDEX(SCHEMA_NAME, ";
-            $query .= "'%s', 1) ";
+            $query .= "'" . $GLOBALS['dbi']->escapeString($dbSeparator) . "', 1) ";
             $query .= "DB_first_level ";
             $query .= "FROM INFORMATION_SCHEMA.SCHEMATA ";
             $query .= $this->_getWhereClause('SCHEMA_NAME', $searchClause);
@@ -446,19 +444,11 @@ public function getData($type, $pos, $searchClause = '')
             $query .= ") t2 ";
             $query .= $this->_getWhereClause('SCHEMA_NAME', $searchClause);
             $query .= "AND 1 = LOCATE(CONCAT(DB_first_level, ";
-            $query .= "'%s'), ";
+            $query .= "'" . $GLOBALS['dbi']->escapeString($dbSeparator) . "'), ";
             $query .= "CONCAT(SCHEMA_NAME, ";
-            $query .= "'%s')) ";
+            $query .= "'" . $GLOBALS['dbi']->escapeString($dbSeparator) . "')) ";
             $query .= "ORDER BY SCHEMA_NAME ASC";
-
-            $retval = $GLOBALS['dbi']->fetchResult(
-                sprintf(
-                    $query,
-                    $dbSeparator,
-                    $dbSeparator,
-                    $dbSeparator
-                )
-            );
+            $retval = $GLOBALS['dbi']->fetchResult($query);
 
             return $retval;
         }