From 62605b11ed5c08892acf1676fbd8b460078d13af Mon Sep 17 00:00:00 2001
From: KMityai
Date: Fri, 7 Jul 2023 15:48:53 +0300
Subject: [PATCH 1/3] updated test testGetZoneByName
---
 tests/system/lib/repository/DataRepositoryAdminTest.php | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/tests/system/lib/repository/DataRepositoryAdminTest.php b/tests/system/lib/repository/DataRepositoryAdminTest.php
index 071e760..94ed8c1 100644
--- a/tests/system/lib/repository/DataRepositoryAdminTest.php
+++ b/tests/system/lib/repository/DataRepositoryAdminTest.php
@@ -19,6 +19,8 @@ class DataRepositoryAdminTest extends TestCase {
 $this->assertNotEmpty($zone);
 $this->assertNotEmpty($zone['zone_id']);
+
+ $repository->getZoneByName('Rostov-na-Do\'nu');
 }
 public function testGetCurrencyByCode() {
From f5f55dd449cd885a2f7e47b2ba102e4c5d610b3f Mon Sep 17 00:00:00 2001
From: KMityai
Date: Fri, 7 Jul 2023 15:58:04 +0300
Subject: [PATCH 2/3] added escaping for db query in method for getting zone
---
 .../system/library/retailcrm/lib/repository/DataRepository.php | 1 +
 1 file changed, 1 insertion(+)
diff --git a/src/upload/system/library/retailcrm/lib/repository/DataRepository.php b/src/upload/system/library/retailcrm/lib/repository/DataRepository.php
index 74abcb7..62393b7 100644
--- a/src/upload/system/library/retailcrm/lib/repository/DataRepository.php
+++ b/src/upload/system/library/retailcrm/lib/repository/DataRepository.php
@@ -124,6 +124,7 @@ class DataRepository extends \retailcrm\Base {
 * @return array
 */
 public function getZoneByName($name) {
+ $name = $this->db->escape($name);
 $query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "zone` WHERE name = '" . $name . "'");
 return $query->row;
From a56ce789ed305ed4649a9e1d6a9c26e0dc98d393 Mon Sep 17 00:00:00 2001
From: KMityai
Date: Fri, 7 Jul 2023 16:13:20 +0300
Subject: [PATCH 3/3] version bump
---
 CHANGELOG.md | 3 +++
 VERSION | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)
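Review bot: In tests/system/lib/repository/DataRepositoryAdminTest.php the added call `$repository->getZoneByName('Rostov-na-Do\'nu');` carries no assertion, so the test can only fail if the database layer raises on a broken query, and whether it does is not visible in this hunk. Assert on the return value instead, e.g. `$this->assertIsArray($repository->getZoneByName('Rostov-na-Do\'nu'));` (if the PHPUnit version in use provides it), and precede it with a comment such as `// zone name containing a single quote must not break the query`. The enclosing test method starts outside the hunk.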
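Review bot: In DataRepository::getZoneByName the query is still assembled by string concatenation after the new `$this->db->escape($name)` line, so its safety rests entirely on that helper (presumably a wrapper around the driver's escaping routine) and on every other lookup in the class remembering to call it. The test file in this series references a `getCurrencyByCode` lookup; that method and any other string-keyed query in DataRepository lie outside this hunk and should be checked for the same unescaped concatenation. I would also keep the raw and escaped values apart rather than overwriting the parameter, e.g. `$escapedName = $this->db->escape($name);` with `$escapedName` used in the query, and extend the docblock to say the name is escaped before interpolation. The function's closing brace is outside the hunk.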
diff --git a/CHANGELOG.md b/CHANGELOG.md
index fefe311..91fd812 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,6 @@
+## v4.1.12
+* Added escaping for db query in method for getting zone
+
 ## v4.1.11
 * Fixed the transfer of the weight offers
diff --git a/VERSION b/VERSION
index 152e452..b05079e 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-4.1.11
+4.1.12