Skip to content

Commit

Permalink
slugs query updated to prevent SQL Injection - @sergio91pt
Browse files Browse the repository at this point in the history
  • Loading branch information
@bpocallaghan
bpocallaghan committed Nov 28, 2017
1 parent 29b0599 commit 85ae5cb
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/HasSlug.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -169,7 +169,7 @@ protected function makeSlugUnique($slug)
*/
protected function getExistingSlugs($slug)
{
return static::whereRaw("{$this->slugOptions->slugField} LIKE '$slug%'")
return static::where($this->slugOptions->slugField, 'LIKE', "{$slug}%")
->withoutGlobalScopes()// ignore scopes
->withTrashed()// trashed, when entry gets activated again
->orderBy($this->slugOptions->slugField)
Expand Down

0 comments on commit 85ae5cb

Please sign in to comment.