From 35df417ee1d48b9d1736824092631fc415ad8ce8 Mon Sep 17 00:00:00 2001 From: Vitaliy Filippov Date: Wed, 18 Nov 2015 15:32:21 +0300 Subject: [PATCH] Proper fix --- Bugzilla/Search.pm | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/Bugzilla/Search.pm b/Bugzilla/Search.pm index 72c6336cb..eb3b2ceda 100644 --- a/Bugzilla/Search.pm +++ b/Bugzilla/Search.pm @@ -1993,8 +1993,11 @@ sub run_chart # already know about it), or it was in %chartfields, so it is # a valid field name, which means that it's ok. trick_taint($self->{field}); - $self->{quoted} = Bugzilla->dbh->quote(ref $self->{value} ? $self->{value}->[0] : $self->{value}); - trick_taint($self->{quoted}); + if (!ref $self->{value} || ref $self->{value} eq 'ARRAY') + { + $self->{quoted} = Bugzilla->dbh->quote(ref $self->{value} ? $self->{value}->[0] : $self->{value}); + trick_taint($self->{quoted}); + } if (COLUMNS->{$self->{field}}->{name}) { $self->{fieldsql} = COLUMNS->{$self->{field}}->{name};