fix sql query, RT#8035

author: ivan <ivan> 2010-06-06 03:01:48 +0000
committer: ivan <ivan> 2010-06-06 03:01:48 +0000
commit: 3fae333d75dc458423644720f8b2e4f500e8a72d (patch)
tree: 317b4a486d53c6e161439cdc52ec463f61bfe915 /httemplate/search/sql.html
parent: 36ed9a9b42e9e544fab07139069c40cbb5e0d5ab (diff)
1 files changed, 5 insertions, 3 deletions
diff --git a/httemplate/search/sql.html b/httemplate/search/sql.html
index df9b8cddb..bf5446975 100644
--- a/httemplate/search/sql.html
+++ b/httemplate/search/sql.html
@@ -1,13 +1,15 @@
 <% include( 'elements/search.html',
                'title' => 'Query Results',
                'name'  => 'rows',
-               'query' => 'SELECT '. ( $cgi->param('sql')
-                             || errorpage('Empty query') ),
-    )
+               'query' => "SELECT $sql",
+          )
 %>
 <%init>
 
 die "access denied"
   unless $FS::CurrentUser::CurrentUser->access_right('Raw SQL');
 
+my $sql = $cgi->param('sql') or errorpage('Empty query');
+$sql =~ s/;+\s*$//; #remove trailing ;
+
 </%init>
author	ivan <ivan>	2010-06-06 03:01:48 +0000
committer	ivan <ivan>	2010-06-06 03:01:48 +0000
commit	3fae333d75dc458423644720f8b2e4f500e8a72d (patch)
tree	317b4a486d53c6e161439cdc52ec463f61bfe915 /httemplate/search/sql.html
parent	36ed9a9b42e9e544fab07139069c40cbb5e0d5ab (diff)