From 496d0bb85113e4e3bfe6143330a0e6fd403baab1 Mon Sep 17 00:00:00 2001
From: Benjamin Perche
Date: Tue, 22 Jul 2014 16:43:36 +0200
Subject: [PATCH] =?UTF-8?q?Fix=20SQL=20escape=20method=20=09modifi=C3=A9:?= =?UTF-8?q?=20=20=20=20=20=20=20=20=20core/lib/Thelia/ImportExport/Export/?= =?UTF-8?q?Type/ProductPricesExport.php?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../ImportExport/Export/Type/ProductPricesExport.php | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/core/lib/Thelia/ImportExport/Export/Type/ProductPricesExport.php b/core/lib/Thelia/ImportExport/Export/Type/ProductPricesExport.php
index d212aa4a7..6c3d91cd9 100644
--- a/core/lib/Thelia/ImportExport/Export/Type/ProductPricesExport.php
+++ b/core/lib/Thelia/ImportExport/Export/Type/ProductPricesExport.php
@@ -141,15 +141,25 @@ class ProductPricesExport extends ExportHandler
 return $data->loadModelCriteria($query);
 }
+ /**
+ * @param $str
+ * @return string
+ *
+ * Really escapes a string for SQL request.
+ */
 protected function real_escape($str)
 {
 $return = "CONCAT(";
 $len = strlen($str);
+
 for($i = 0; $i < $len; ++$i) {
 $return .= "CHAR(".ord($str[$i])."),";
 }
+
 if ($i > 0) {
 $return = substr($return, 0, -1);
+ } else {
+ $return = "\"\"";
 }
 $return .= ")";
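Review bot: For an empty `$str` the new `else` branch sets `$return` to `""`, but the unchanged `$return .= ")";` after the `if`/`else` still runs, so the value becomes `"")`, an unbalanced fragment that would break the generated query. Assuming the method returns `$return`, an early exit before the `CONCAT(` prefix is built avoids this, e.g. `if ($len === 0) { return "''"; }`; single quotes also keep the literal a string on a server running with `ANSI_QUOTES`, where `""` is read as an identifier. More generally, encoding every byte as `CHAR(n)` is a hand-rolled substitute for escaping, and if the callers can hand the value to the query layer as a bound parameter, that is the safer fix. The body of `real_escape` continues past the end of the hunk, so its final return is not visible here.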