-
-
Notifications
You must be signed in to change notification settings - Fork 814
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CRM-17959 - allow URL to be redirected if the queue ID is invalid but… #7728
CRM-17959 - allow URL to be redirected if the queue ID is invalid but… #7728
Conversation
… the URL ID is OK
Can one of the admins verify this patch? |
Jenkins test this please Note this should still get core teams's eyes on it |
jenkins, add to whitelist |
Test failures look unrelated to this PR @totten perhaps related to change in phpunit? |
Jenkins re test this please |
@totten I think this is OK - any concerns from your side? $turl is not user input so the lack of escaping seems OK |
tested PR: Steps to reproduce:
Condition Reproduced. Applied patch - Manually. Note @totten doing hub checkout rolled CiviCRM back to a prior version and introduced an unrelated error. Therefore, cherry picking or applying the patch was the only way to go here. After Patch perform the following steps:
Further tests:
Also verified with WordPress and Joomla @eileenmcnaughton PR looks good to merge. |
Discussed with @seamuslee001, we should use CRM_Utils_Rule::mysqlColumnNameOrAlias() to filter the variable in the SQL query. We will discuss with Tim and probably open a followup PR to address this. |
Thanks guys! |
For reference, followup SQL fix and test added in : #8516 |
… the URL ID is OK