RT#38597: OQM - svc Circuit use and setup [fixed sql quoting]

author Jonathan Prykop <jonathan@freeside.biz>

Wed, 11 Nov 2015 05:20:55 +0000 (23:20 -0600)

committer Jonathan Prykop <jonathan@freeside.biz>

Wed, 11 Nov 2015 05:20:55 +0000 (23:20 -0600)
author Jonathan Prykop <jonathan@freeside.biz>
Wed, 11 Nov 2015 05:20:55 +0000 (23:20 -0600)
committer Jonathan Prykop <jonathan@freeside.biz>
Wed, 11 Nov 2015 05:20:55 +0000 (23:20 -0600)
diff --git a/FS/FS/svc_circuit.pm b/FS/FS/svc_circuit.pm

index 408bd79..1a42efa 100644 (file)
--- a/FS/FS/svc_circuit.pm
+++ b/FS/FS/svc_circuit.pm
@@ -6,7 +6,7 @@ use base qw(
    FS::MAC_Mixin
    FS::svc_Common
  );
-use FS::Record qw( qsearch qsearchs );
+use FS::Record qw( dbh qsearch qsearchs );
  use FS::circuit_provider;
  use FS::circuit_type;
  use FS::circuit_termination;
@@ -221,9 +221,9 @@ sub label {
  sub search_sql {
    my ($class, $string) = @_;
    my @where = ();
-  push @where, 'LOWER(svc_circuit.circuit_id) = \''.lc($string).'\'';
-  push @where, 'LOWER(circuit_provider.provider) = \''.lc($string).'\'';
-  push @where, 'LOWER(circuit_type.typename) = \''.lc($string).'\'';
+  push @where, 'LOWER(svc_circuit.circuit_id) = ' . dbh->quote($string);
+  push @where, 'LOWER(circuit_provider.provider) = ' . dbh->quote($string);
+  push @where, 'LOWER(circuit_type.typename) = ' . dbh->quote($string);
    '(' . join(' OR ', @where) . ')';
  }
author	Jonathan Prykop <jonathan@freeside.biz>
	Wed, 11 Nov 2015 05:20:55 +0000 (23:20 -0600)
committer	Jonathan Prykop <jonathan@freeside.biz>
	Wed, 11 Nov 2015 05:20:55 +0000 (23:20 -0600)