[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
SF.net SVN: ledger-smb: [1446] trunk/LedgerSMB
- Subject: SF.net SVN: ledger-smb: [1446] trunk/LedgerSMB
- From: ..hidden..
- Date: Thu, 26 Jul 2007 22:23:51 -0700
Revision: 1446
http://ledger-smb.svn.sourceforge.net/ledger-smb/?rev=1446&view=rev
Author: einhverfr
Date: 2007-07-26 22:23:50 -0700 (Thu, 26 Jul 2007)
Log Message:
-----------
Fixing a large number of SQL errors in certain circumstances
Modified Paths:
--------------
trunk/LedgerSMB/AA.pm
trunk/LedgerSMB/CT.pm
trunk/LedgerSMB/OE.pm
trunk/LedgerSMB/PE.pm
Modified: trunk/LedgerSMB/AA.pm
===================================================================
--- trunk/LedgerSMB/AA.pm 2007-07-27 05:08:24 UTC (rev 1445)
+++ trunk/LedgerSMB/AA.pm 2007-07-27 05:23:50 UTC (rev 1446)
@@ -887,12 +887,12 @@
$where .= qq|
AND (a.id IN (SELECT DISTINCT trans_id
FROM acc_trans
- WHERE lower(memo) LIKE '$var')
+ WHERE lower(memo) LIKE $var)
OR a.id IN
(SELECT DISTINCT trans_id
FROM invoice
WHERE lower(description)
- LIKE '$var'))|;
+ LIKE $var))|;
}
if ($form->{invoice_type}) {
Modified: trunk/LedgerSMB/CT.pm
===================================================================
--- trunk/LedgerSMB/CT.pm 2007-07-27 05:08:24 UTC (rev 1445)
+++ trunk/LedgerSMB/CT.pm 2007-07-27 05:23:50 UTC (rev 1446)
@@ -768,7 +768,7 @@
$form->sort_order();
if ( $form->{"$form->{db}number"} ne "" ) {
- $var = $dbh->( $form->like( lc $form->{"$form->{db}number"} ) );
+ $var = $dbh->quote( $form->like( lc $form->{"$form->{db}number"} ) );
$where .= " AND lower(ct.$form->{db}number) LIKE $var";
}
@@ -786,8 +786,8 @@
}
if ( $form->{employee} ne "" ) {
- $var = $form->like( lc $form->{employee} );
- $where .= " AND lower(e.name) LIKE '$var'";
+ $var = $dbh->quote($form->like(lc $form->{employee}));
+ $where .= " AND lower(e.name) LIKE $var";
}
$transwhere .=
Modified: trunk/LedgerSMB/OE.pm
===================================================================
--- trunk/LedgerSMB/OE.pm 2007-07-27 05:08:24 UTC (rev 1445)
+++ trunk/LedgerSMB/OE.pm 2007-07-27 05:23:50 UTC (rev 1446)
@@ -197,10 +197,10 @@
}
if ( $form->{description} ne "" ) {
- $var = $form->like( lc $form->{description} );
+ $var = $dbh->quote($form->like( lc $form->{description} ));
$query .= " AND o.id IN (SELECT DISTINCT trans_id
FROM orderitems
- WHERE lower(description) LIKE '$var')";
+ WHERE lower(description) LIKE $var)";
push @queryargs, $var;
}
@@ -1989,12 +1989,12 @@
if ( $form->{partnumber} ne "" ) {
$var = $dbh->quote( $form->like( lc $form->{partnumber} ) );
$where .= "
- AND lower(p.partnumber) LIKE '$var'";
+ AND lower(p.partnumber) LIKE $var";
}
if ( $form->{description} ne "" ) {
$var = $dbh->quote( $form->like( lc $form->{description} ) );
$where .= "
- AND lower(p.description) LIKE '$var'";
+ AND lower(p.description) LIKE $var";
}
if ( $form->{partsgroup} ne "" ) {
( $null, $var ) = split /--/, $form->{partsgroup};
Modified: trunk/LedgerSMB/PE.pm
===================================================================
--- trunk/LedgerSMB/PE.pm 2007-07-27 05:08:24 UTC (rev 1445)
+++ trunk/LedgerSMB/PE.pm 2007-07-27 05:23:50 UTC (rev 1446)
@@ -987,7 +987,7 @@
if ( $form->{partsgroup} ne "" ) {
$var = $dbh->quote( $form->like( lc $form->{partsgroup} ) );
- $where .= " AND lower(partsgroup) LIKE '$var'";
+ $where .= " AND lower(partsgroup) LIKE $var";
}
$query .= qq| WHERE $where ORDER BY $sortorder|;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.