From bf66b8348f0584a6cdcd81703e00e4ec149232bc Mon Sep 17 00:00:00 2001
From: Ralf Becker
Date: Fri, 28 Sep 2012 09:31:41 +0000
Subject: [PATCH] * Calendar/eMail: fixed sql error when clicking on iCal attachment and probably other iCal imports
---
 calendar/inc/class.calendar_so.inc.php | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/calendar/inc/class.calendar_so.inc.php b/calendar/inc/class.calendar_so.inc.php
index ab405b8dd9..fe6d50323f 100644
--- a/calendar/inc/class.calendar_so.inc.php
+++ b/calendar/inc/class.calendar_so.inc.php
@@ -524,17 +524,20 @@ class calendar_so
 $where[] = '('.((int)$start).' < range_end OR range_end IS NULL)';
 }
 }
+ if (!preg_match('/^[a-z_ ,c]+$/i',$params['order'])) $params['order'] = 'cal_start'; // gard against SQL injection
+
 // if not enum recuring events, we have to use minimum start- AND end-dates, otherwise we get more then one event per cal_id!
 if (!$params['enum_recuring'])
 {
 $where[] = "$this->user_table.cal_recur_date=0";
 $cols = str_replace(array('cal_start','cal_end'),array('range_start AS cal_start','(SELECT MIN(cal_end) FROM egw_cal_dates WHERE egw_cal.cal_id=egw_cal_dates.cal_id) AS cal_end'),$cols);
+ // in case cal_start is used in a query, eg. calendar_ical::find_event
+ $where = str_replace(array('cal_start','cal_end'), array('range_start','(SELECT MIN(cal_end) FROM egw_cal_dates WHERE egw_cal.cal_id=egw_cal_dates.cal_id)'), $where);
+ $params['order'] = str_replace('cal_start', 'range_start', $params['order']);
 if ($end) $where[] = (int)$end.' > range_start';
 }
 elseif ($end) $where[] = (int)$end.' > cal_start';
 
- if (!preg_match('/^[a-z_ ,c]+$/i',$params['order'])) $params['order'] = 'cal_start'; // gard against SQL injection
-
 if ($remove_rejected_by_user && $filter != 'everything')
 {
 $rejected_by_user_join = "LEFT JOIN $this->user_table rejected_by_user".
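Review bot: The new `str_replace()` over `$where` rewrites `cal_start` and `cal_end` as plain text in every clause, so it will also change those substrings where they sit inside an already-quoted value or a longer identifier, and it leaves any string keys of `$where` untouched (the code that fills `$where` is outside this hunk, so this needs checking against the callers). Matching whole identifiers only, e.g. `preg_replace('/\bcal_start\b/', 'range_start', $where)`, would narrow that, though quoted values would still be affected. Moving the `$params['order']` check ahead of the rewrite is the right order, but the pattern is a character allowlist rather than a column allowlist: it blocks quotes, parentheses, semicolons and digits yet still passes any bare word, and `$` without the `D` modifier accepts a trailing newline; `'/^[a-z_ ,]+$/iD'` closes that and drops the redundant `c`. Comparing each comma-separated term against the known sortable columns plus an optional ASC/DESC would be stricter still. The enclosing method starts and ends outside the hunk.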