Project:
| View Revisions: Issue #38139 | [ Back to Issue ] | ||
| Summary | 0038139: POSLoginHandler.getDefaults is not using bind-parameters | ||
| Revision | 2018-03-14 14:33 by shuehner | ||
| Description | This code should use bind-params: OBQuery<OBPOSApplications> appQry = OBDal.getInstance().createQuery( OBPOSApplications.class, "where searchKey = '" + terminalSearchKey + "'" + " and ((ad_isorgincluded(" + "(select organization from ADUser where id='" + userId + "')" + ", organization, client.id) <> -1) or " + "(ad_isorgincluded(organization, " + "(select organization from ADUser where id='" + userId + "')" + ", client.id) <> -1)) "); // Terminal access will be checked to ensure that the user has access to the terminal OBQuery<TerminalAccess> accessCrit = OBDal.getInstance().createQuery(TerminalAccess.class, "where userContact.id='" + userId + "'"); |
||
| Revision | 2018-03-14 13:35 by shuehner | ||
| Description | This code should use bind-params: OBQuery<OBPOSApplications> appQry = OBDal.getInstance().createQuery( OBPOSApplications.class, "where searchKey = '" + terminalSearchKey + "'" + " and ((ad_isorgincluded(" + "(select organization from ADUser where id='" + userId + "')" + ", organization, client.id) <> -1) or " + "(ad_isorgincluded(organization, " + "(select organization from ADUser where id='" + userId + "')" + ", client.id) <> -1)) "); |
||
| Copyright © 2000 - 2009 MantisBT Group |
 |