dhis2-devs team mailing list archive

[Jason Pickering <jason.p.pickering@xxxxxxxxx>]

Hi there.

This syntax is not supported as you can see from the documentation
<http://dhis2.github.io/dhis2-docs/2.21/en/developer/html/ch01s25.html>

*The variable parameter must contain alphanumeric characters only. The
variables must contain alphanumeric, dash, underscore and whitespace
characters only.*

This might be something which can added, but there could be an increased
risk of SQL injection attacks, which these restrictions are meant to try
and prevent to some extent.  Maybe the developers can say more about this.

Regards,
Jason


On Fri, May 27, 2016 at 8:14 AM, Priyanka Bawa <priyankabawa609@xxxxxxxxx>
wrote:

> This error comes in version 2.20.
>
> Regards
> Priyanka
>
> On Fri, May 27, 2016 at 11:36 AM, Priyanka Bawa <priyankabawa609@xxxxxxxxx
> > wrote:
>
>> Hi
>> I am trying to create an SQLView where i am using a variable (
>> *populationFormSOU1).* The result of this variable is comma separated as
>> :-  shvnNIx,1biz5LW,BZuwzHr5,RP4CW,lYFre,n5z2VKrv,5Ut1oxMO,FJETOdBp,h7sbFDA
>>
>> SELECT COUNT(*) FROM completedatasetregistration WHERE sourceid IN
>> (populationFormSOU1='${*populationFormSOU1*}') AND datasetid = 52 AND
>> periodid = '${periodid}';
>>
>>
>> The result of above SQLView says that the variables are invalid [image:
>> Inline image 1]
>> Seems that the query doesn't take variables having any special character.
>> Any help will be appreciated.
>>
>> Regards
>> Priyanka
>>
>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~dhis2-devs
> Post to     : dhis2-devs@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~dhis2-devs
> More help   : https://help.launchpad.net/ListHelp
>
>


-- 
Jason P. Pickering
email: jason.p.pickering@xxxxxxxxx
tel:+46764147049