Openbravo Issue Tracking System - Retail Modules
View Issue Details
IDProjectCategoryView StatusDate SubmittedLast Update
0038139Retail ModulesWeb POSpublic2018-03-14 13:352018-03-27 17:48
Reportershuehner 
Assigned ToSandrahuguet 
PrioritynormalSeveritymajorReproducibilityhave not tried
StatusclosedResolutionfixed 
PlatformOS5OS Version
Product Version 
Target VersionFixed in VersionRR18Q2 
Merge Request Status
Review Assigned Tomarvintm
OBNetwork customer
Support ticket
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary0038139: POSLoginHandler.getDefaults is not using bind-parameters
DescriptionThis code should use bind-params:

      OBQuery<OBPOSApplications> appQry = OBDal.getInstance().createQuery(
          OBPOSApplications.class,
          "where searchKey = '" + terminalSearchKey + "'" + " and ((ad_isorgincluded("
              + "(select organization from ADUser where id='" + userId + "')"
              + ", organization, client.id) <> -1) or " + "(ad_isorgincluded(organization, "
              + "(select organization from ADUser where id='" + userId + "')"
              + ", client.id) <> -1)) ");

      // Terminal access will be checked to ensure that the user has access to the terminal
      OBQuery<TerminalAccess> accessCrit = OBDal.getInstance().createQuery(TerminalAccess.class,
          "where userContact.id='" + userId + "'");
Steps To Reproduce-
Proposed Solution
Additional Information
TagsNo tags attached.
Relationships
blocks design defect 0038136 acknowledged Triage Platform Base Openbravo ERP Tracking issue: Find & Fix queries not using bind-params but embedding values into query string 
Attached Files
Issue History
Date ModifiedUsernameFieldChange
2018-03-14 13:35shuehnerNew Issue
2018-03-14 13:35shuehnerAssigned To => Retail
2018-03-14 13:35shuehnerTriggers an Emergency Pack => No
2018-03-14 13:36shuehnerRelationship addedblocks 0038136
2018-03-14 14:33shuehnerDescription Updatedbug_revision_view_page.php?rev_id=16837#r16837
2018-03-14 16:34shuehnerAssigned ToRetail => Sandrahuguet
2018-03-14 17:36SandrahuguetStatusnew => scheduled
2018-03-16 08:19hgbotCheckin
2018-03-16 08:19hgbotNote Added: 0103296
2018-03-16 08:19hgbotStatusscheduled => resolved
2018-03-16 08:19hgbotResolutionopen => fixed
2018-03-16 08:19hgbotFixed in SCM revision => http://code.openbravo.com/erp/pmods/org.openbravo.retail.posterminal/rev/e871e5c492054e766327db523d3b1ec3181e4ab1 [^]
2018-03-16 08:29SandrahuguetReview Assigned To => marvintm
2018-03-19 09:32marvintmStatusresolved => closed
2018-03-19 09:32marvintmFixed in Version => RR18Q2
2018-03-20 17:48SandrahuguetNote Added: 0103377
2018-03-20 17:48SandrahuguetStatusclosed => new
2018-03-20 17:48SandrahuguetResolutionfixed => open
2018-03-20 17:48SandrahuguetFixed in VersionRR18Q2 =>
2018-03-21 09:29hgbotCheckin
2018-03-21 09:29hgbotNote Added: 0103382
2018-03-21 09:30SandrahuguetStatusnew => scheduled
2018-03-21 09:30SandrahuguetStatusscheduled => resolved
2018-03-21 09:30SandrahuguetFixed in Version => RR18Q2
2018-03-21 09:30SandrahuguetResolutionopen => fixed
2018-03-27 17:48marvintmStatusresolved => closed

Notes
(0103296)
hgbot   
2018-03-16 08:19   
Repository: erp/pmods/org.openbravo.retail.posterminal
Changeset: e871e5c492054e766327db523d3b1ec3181e4ab1
Author: Sandra Huguet <sandra.huguet <at> openbravo.com>
Date: Wed Mar 14 17:36:35 2018 +0100
URL: http://code.openbravo.com/erp/pmods/org.openbravo.retail.posterminal/rev/e871e5c492054e766327db523d3b1ec3181e4ab1 [^]

Fixed issue 38139 use bind-parameters in POSLoginHandler.getDefaults

---
M src/org/openbravo/retail/posterminal/POSLoginHandler.java
---
(0103377)
Sandrahuguet   
2018-03-20 17:48   
missing second query
(0103382)
hgbot   
2018-03-21 09:29   
Repository: erp/pmods/org.openbravo.retail.posterminal
Changeset: 57ee333eaf8552771805a82d0d7c28b3c3a1e1bb
Author: Sandra Huguet <sandra.huguet <at> openbravo.com>
Date: Tue Mar 20 18:11:22 2018 +0100
URL: http://code.openbravo.com/erp/pmods/org.openbravo.retail.posterminal/rev/57ee333eaf8552771805a82d0d7c28b3c3a1e1bb [^]

related to issue 38139 use bind-parameters in POSLoginHandler.getDefaults

---
M src/org/openbravo/retail/posterminal/POSLoginHandler.java
---