From: ivan <ivan>
Date: Sun, 6 Jun 2010 03:01:48 +0000 (+0000)
Subject: fix sql query, RT#8035
X-Git-Tag: freeside_1_9_4~69
X-Git-Url: http://git.freeside.biz/gitweb/?a=commitdiff_plain;ds=sidebyside;h=3fae333d75dc458423644720f8b2e4f500e8a72d;p=freeside.git

fix sql query, RT#8035
---

diff --git a/httemplate/search/elements/search.html b/httemplate/search/elements/search.html
index b97a9b321..3c5ff687f 100644
--- a/httemplate/search/elements/search.html
+++ b/httemplate/search/elements/search.html
@@ -332,7 +332,7 @@ if ( $opt{'disableable'} ) {
 my $limit = '';
 my($confmax, $maxrecords, $offset );
 
-if ( !$type =~ /^(csv|\w*.xls)$/) {
+unless ( $type =~ /^(csv|\w*.xls)$/) {
 # html mode
   unless (exists($opt{count_query}) && length($opt{count_query})) {
     ( $opt{count_query} = $opt{query} ) =~
diff --git a/httemplate/search/sql.html b/httemplate/search/sql.html
index df9b8cddb..bf5446975 100644
--- a/httemplate/search/sql.html
+++ b/httemplate/search/sql.html
@@ -1,13 +1,15 @@
 <% include( 'elements/search.html',
                'title' => 'Query Results',
                'name'  => 'rows',
-               'query' => 'SELECT '. ( $cgi->param('sql')
-                             || errorpage('Empty query') ),
-    )
+               'query' => "SELECT $sql",
+          )
 %>
 <%init>
 
 die "access denied"
   unless $FS::CurrentUser::CurrentUser->access_right('Raw SQL');
 
+my $sql = $cgi->param('sql') or errorpage('Empty query');
+$sql =~ s/;+\s*$//; #remove trailing ;
+
 </%init>