From 1452e74431ae7eb87fbace7c19a914414bcbff74 Mon Sep 17 00:00:00 2001
From: John BOTELLA <john.botella@atm-consulting.fr>
Date: Fri, 20 May 2022 19:01:25 +0200
Subject: [PATCH] Fix sanitize

---
 htdocs/core/tpl/extrafields_list_search_sql.tpl.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/htdocs/core/tpl/extrafields_list_search_sql.tpl.php b/htdocs/core/tpl/extrafields_list_search_sql.tpl.php
index 418ecd85522..0c3d98f03a6 100644
--- a/htdocs/core/tpl/extrafields_list_search_sql.tpl.php
+++ b/htdocs/core/tpl/extrafields_list_search_sql.tpl.php
@@ -65,8 +65,8 @@ if (!empty($extrafieldsobjectkey) && !empty($search_array_options) && is_array($
 			if (is_array($crit)) {
 				$crit = implode(' ', $crit); // natural_search() expects a string
 			} elseif ($typ === 'select' and is_string($crit) and strpos($crit, ',') === false) {
-				$critSelect = implode("','", array_map(array($db, 'escape'), explode(',', $crit)));
-				$sql .= " AND (".$extrafieldsobjectprefix.$tmpkey." IN ('".$critSelect."') )";
+				$critSelect = "'".implode("','", array_map(array($db, 'escape'), explode(',', $crit)))."'";
+				$sql .= " AND (".$extrafieldsobjectprefix.$tmpkey." IN (".$db->sanitize($critSelect, 1).") )";
 				continue;
 			}
 			$sql .= natural_search($extrafieldsobjectprefix.$tmpkey, $crit, $mode_search);