diff options
author | ivan <ivan> | 2010-06-06 03:01:47 +0000 |
---|---|---|
committer | ivan <ivan> | 2010-06-06 03:01:47 +0000 |
commit | 2689f764528e5df4e01e39dc3c451f3278973c24 (patch) | |
tree | c1a743a5cf0981cb1dcb169dd838f905cee738f5 /httemplate | |
parent | c6b42e5acda43d01e17a3fe7efe1d5dffcf610cd (diff) |
fix sql query, RT#8035
Diffstat (limited to 'httemplate')
-rw-r--r-- | httemplate/search/elements/search.html | 2 | ||||
-rw-r--r-- | httemplate/search/sql.html | 8 |
2 files changed, 6 insertions, 4 deletions
diff --git a/httemplate/search/elements/search.html b/httemplate/search/elements/search.html index a258f1721..218816938 100644 --- a/httemplate/search/elements/search.html +++ b/httemplate/search/elements/search.html @@ -335,7 +335,7 @@ if ( $opt{'disableable'} ) { my $limit = ''; my($confmax, $maxrecords, $offset ); -if ( !$type =~ /^(csv|\w*.xls)$/) { +unless ( $type =~ /^(csv|\w*.xls)$/) { # html mode unless (exists($opt{count_query}) && length($opt{count_query})) { ( $opt{count_query} = $opt{query} ) =~ diff --git a/httemplate/search/sql.html b/httemplate/search/sql.html index df9b8cddb..bf5446975 100644 --- a/httemplate/search/sql.html +++ b/httemplate/search/sql.html @@ -1,13 +1,15 @@ <% include( 'elements/search.html', 'title' => 'Query Results', 'name' => 'rows', - 'query' => 'SELECT '. ( $cgi->param('sql') - || errorpage('Empty query') ), - ) + 'query' => "SELECT $sql", + ) %> <%init> die "access denied" unless $FS::CurrentUser::CurrentUser->access_right('Raw SQL'); +my $sql = $cgi->param('sql') or errorpage('Empty query'); +$sql =~ s/;+\s*$//; #remove trailing ; + </%init> |