my $limit = '';
my($confmax, $maxrecords, $offset );
-if ( !$type =~ /^(csv|\w*.xls)$/) {
+unless ( $type =~ /^(csv|\w*.xls)$/) {
# html mode
unless (exists($opt{count_query}) && length($opt{count_query})) {
( $opt{count_query} = $opt{query} ) =~
<% include( 'elements/search.html',
'title' => 'Query Results',
'name' => 'rows',
- 'query' => 'SELECT '. ( $cgi->param('sql')
- || errorpage('Empty query') ),
- )
+ 'query' => "SELECT $sql",
+ )
%>
<%init>
die "access denied"
unless $FS::CurrentUser::CurrentUser->access_right('Raw SQL');
+my $sql = $cgi->param('sql') or errorpage('Empty query');
+$sql =~ s/;+\s*$//; #remove trailing ;
+
</%init>