From 3fae333d75dc458423644720f8b2e4f500e8a72d Mon Sep 17 00:00:00 2001
From: ivan <ivan>
Date: Sun, 6 Jun 2010 03:01:48 +0000
Subject: [PATCH] fix sql query, RT#8035

---
 httemplate/search/elements/search.html | 2 +-
 httemplate/search/sql.html             | 8 +++++---
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/httemplate/search/elements/search.html b/httemplate/search/elements/search.html
index b97a9b321..3c5ff687f 100644
--- a/httemplate/search/elements/search.html
+++ b/httemplate/search/elements/search.html
@@ -332,7 +332,7 @@ if ( $opt{'disableable'} ) {
 my $limit = '';
 my($confmax, $maxrecords, $offset );
 
-if ( !$type =~ /^(csv|\w*.xls)$/) {
+unless ( $type =~ /^(csv|\w*.xls)$/) {
 # html mode
   unless (exists($opt{count_query}) && length($opt{count_query})) {
     ( $opt{count_query} = $opt{query} ) =~
diff --git a/httemplate/search/sql.html b/httemplate/search/sql.html
index df9b8cddb..bf5446975 100644
--- a/httemplate/search/sql.html
+++ b/httemplate/search/sql.html
@@ -1,13 +1,15 @@
 <% include( 'elements/search.html',
                'title' => 'Query Results',
                'name'  => 'rows',
-               'query' => 'SELECT '. ( $cgi->param('sql')
-                             || errorpage('Empty query') ),
-    )
+               'query' => "SELECT $sql",
+          )
 %>
 <%init>
 
 die "access denied"
   unless $FS::CurrentUser::CurrentUser->access_right('Raw SQL');
 
+my $sql = $cgi->param('sql') or errorpage('Empty query');
+$sql =~ s/;+\s*$//; #remove trailing ;
+
 </%init>
-- 
2.11.0