From e880ed1c59a4b5ae49c7495c72363ade84bc7221 Mon Sep 17 00:00:00 2001
From: Vincent Riquer <vincent+gitorious@riquer.fr>
Date: Tue, 9 Apr 2013 18:13:14 +0200
Subject: [PATCH] copyFiles_action: protect '"' from SQL

---
 lib/copy/copyFiles_action | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/copy/copyFiles_action b/lib/copy/copyFiles_action
index 7482836..981469d 100644
--- a/lib/copy/copyFiles_action
+++ b/lib/copy/copyFiles_action
@@ -37,6 +37,7 @@ copyFiles_action() {
 		rest=${rest#*|}
 		destfileid=${rest%%|*}
 		rest=${rest#*|}
+		sourcedir=${sourcefilename%/*}
 		echo 'SELECT IFNULL( (
 			SELECT	destination_files.filename
 			FROM		destination_files
@@ -48,7 +49,8 @@ copyFiles_action() {
 			INNER JOIN	destinations
 				ON	destinations.id=destination_files.destination_id
 			WHERE	destinations.id = '$destinationid'
-			AND	source_files.filename LIKE "'"${sourcefilename%/*}"'/%"
+			AND	source_files.filename LIKE
+					"'"${sourcedir//\"/\"\"}"'/%"
 			AND	mime_type_actions.action = 1
 			LIMIT 1
 		),"AtOM:NotFound");