From fc233fd5e1ed9e163c17a5f3fcc499b93abe2f15 Mon Sep 17 00:00:00 2001 From: Philipp Date: Sun, 31 Oct 2021 19:51:03 +0100 Subject: [PATCH] Replace REGEXP with LOCATE for allow_cid and deny_cid --- .../PermissionSet/Repository/PermissionSet.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/Security/PermissionSet/Repository/PermissionSet.php b/src/Security/PermissionSet/Repository/PermissionSet.php index 097f669415..1c3b393520 100644 --- a/src/Security/PermissionSet/Repository/PermissionSet.php +++ b/src/Security/PermissionSet/Repository/PermissionSet.php @@ -137,7 +137,7 @@ class PermissionSet extends BaseRepository $cid = $cdata['user']; } else { $public_contact_str = $this->aclFormatter->toString($cid); - $user_contact_str = '<<>>'; + $user_contact_str = ''; } $groups = []; @@ -155,13 +155,13 @@ class PermissionSet extends BaseRepository } if (!empty($user_contact_str)) { - $condition = ["`uid` = ? AND (NOT (`deny_cid` REGEXP ? OR `deny_cid` REGEXP ? OR deny_gid REGEXP ?) - AND (allow_cid REGEXP ? OR allow_cid REGEXP ? OR allow_gid REGEXP ? OR (allow_cid = '' AND allow_gid = '')))", + $condition = ["`uid` = ? AND (NOT (LOCATE(?, `deny_cid`) OR LOCATE(?, `deny_cid`) OR deny_gid REGEXP ?) + AND (LOCATE(?, allow_cid) OR LOCATE(?, allow_cid) OR allow_gid REGEXP ? OR (allow_cid = '' AND allow_gid = '')))", $uid, $user_contact_str, $public_contact_str, $group_str, $user_contact_str, $public_contact_str, $group_str]; } else { - $condition = ["`uid` = ? AND (NOT (`deny_cid` REGEXP ? OR deny_gid REGEXP ?) - AND (allow_cid REGEXP ? OR allow_gid REGEXP ? OR (allow_cid = '' AND allow_gid = '')))", + $condition = ["`uid` = ? AND (NOT (LOCATE(?, `deny_cid`) OR deny_gid REGEXP ?) + AND (LOCATE(?, allow_cid) OR allow_gid REGEXP ? OR (allow_cid = '' AND allow_gid = '')))", $uid, $public_contact_str, $group_str, $public_contact_str, $group_str]; }