dhis2-devs team mailing list archive

Thread
Date

[Branch ~dhis2-devs-core/dhis2/trunk] Rev 13937: SQL view, fixed bug, criteria column must be quoted

To: DHIS 2 developers <dhis2-devs@xxxxxxxxxxxxxxxxxxx>
From: noreply@xxxxxxxxxxxxx
Date: Wed, 05 Feb 2014 10:42:34 -0000
Reply-to: noreply@xxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

------------------------------------------------------------
revno: 13937
committer: Lars Helge Øverland <larshelge@xxxxxxxxx>
branch nick: dhis2
timestamp: Wed 2014-02-05 12:39:07 +0200
message:
  SQL view, fixed bug, criteria column must be quoted
modified:
  dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/SqlView.java
  dhis-2/dhis-services/dhis-service-administration/src/main/java/org/hisp/dhis/sqlview/jdbc/JdbcSqlViewExpandStore.java


--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription

=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/SqlView.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/SqlView.java	2013-10-08 17:16:47 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/SqlView.java	2014-02-05 10:39:07 +0000
@@ -114,7 +114,7 @@
                     String filter = criteria[0];
                     String value = criteria[1];
 
-                    if ( StringUtils.isAlphanumeric( filter ) && StringUtils.isAlphanumeric( value ) )
+                    if ( StringUtils.isAlphanumericSpace( filter ) && StringUtils.isAlphanumericSpace( value ) )
                     {
                         map.put( filter, value );
                     }

=== modified file 'dhis-2/dhis-services/dhis-service-administration/src/main/java/org/hisp/dhis/sqlview/jdbc/JdbcSqlViewExpandStore.java'
--- dhis-2/dhis-services/dhis-service-administration/src/main/java/org/hisp/dhis/sqlview/jdbc/JdbcSqlViewExpandStore.java	2014-01-28 14:18:54 +0000
+++ dhis-2/dhis-services/dhis-service-administration/src/main/java/org/hisp/dhis/sqlview/jdbc/JdbcSqlViewExpandStore.java	2014-02-05 10:39:07 +0000
@@ -124,7 +124,7 @@
 
             for ( String filter : criteria.keySet() )
             {
-                sql += " " + helper.whereAnd() + " " + filter + "='" + criteria.get( filter ) + "'";
+                sql += " " + helper.whereAnd() + " " + statementBuilder.columnQuote( filter ) + "='" + criteria.get( filter ) + "'";
             }
         }