From ef7a9ff02e1c6459b4ac4e5c9bb51157d7ed58ab Mon Sep 17 00:00:00 2001
From: Bruno Da Silva <bruno.dasilva@combodo.com>
Date: Fri, 20 Apr 2018 13:54:53 +0000
Subject: [PATCH] bugfix: query serialization edge case

it did break when a "+" was present in the url, a rawurlencode was added, it is backward compatible because for pre-existing string, there is no % present so the unserialization's rawurldecode is without BC effect.

SVN:trunk[5709]
---
 core/dbsearch.class.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/core/dbsearch.class.php b/core/dbsearch.class.php
index 8b8b9fb6f..ce74950ba 100644
--- a/core/dbsearch.class.php
+++ b/core/dbsearch.class.php
@@ -245,7 +245,7 @@ abstract class DBSearch
     public function serialize($bDevelopParams = false, $aContextParams = null)
 	{
 		$sOql = $this->ToOql($bDevelopParams, $aContextParams);
-		return base64_encode(serialize(array($sOql, $this->GetInternalParams(), $this->m_aModifierProperties)));
+		return rawurlencode(base64_encode(serialize(array($sOql, $this->GetInternalParams(), $this->m_aModifierProperties))));
 	}
 
 	/**
@@ -255,7 +255,7 @@ abstract class DBSearch
 	 */
 	static public function unserialize($sValue)
 	{
-		$aData = unserialize(base64_decode($sValue));
+		$aData = unserialize(base64_decode(rawurldecode($sValue)));
 		$sOql = $aData[0];
 		$aParams = $aData[1];
 		// We've tried to use gzcompress/gzuncompress, but for some specific queries