fix sql query, RT#8035

author: ivan <ivan> 2010-06-06 03:01:47 +0000
committer: ivan <ivan> 2010-06-06 03:01:47 +0000
commit: 2689f764528e5df4e01e39dc3c451f3278973c24 (patch)
tree: c1a743a5cf0981cb1dcb169dd838f905cee738f5 /httemplate/search/sql.html
parent: c6b42e5acda43d01e17a3fe7efe1d5dffcf610cd (diff)
1 files changed, 5 insertions, 3 deletions
diff --git a/httemplate/search/sql.html b/httemplate/search/sql.html
index df9b8cddb..bf5446975 100644
--- a/httemplate/search/sql.html
+++ b/httemplate/search/sql.html
@@ -1,13 +1,15 @@
 <% include( 'elements/search.html',
                'title' => 'Query Results',
                'name'  => 'rows',
-               'query' => 'SELECT '. ( $cgi->param('sql')
-                             || errorpage('Empty query') ),
-    )
+               'query' => "SELECT $sql",
+          )
 %>
 <%init>
 
 die "access denied"
   unless $FS::CurrentUser::CurrentUser->access_right('Raw SQL');
 
+my $sql = $cgi->param('sql') or errorpage('Empty query');
+$sql =~ s/;+\s*$//; #remove trailing ;
+
 </%init>
author	ivan <ivan>	2010-06-06 03:01:47 +0000
committer	ivan <ivan>	2010-06-06 03:01:47 +0000
commit	2689f764528e5df4e01e39dc3c451f3278973c24 (patch)
tree	c1a743a5cf0981cb1dcb169dd838f905cee738f5 /httemplate/search/sql.html
parent	c6b42e5acda43d01e17a3fe7efe1d5dffcf610cd (diff)