Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0040584
TypeCategorySeverityReproducibilityDate SubmittedLast Update
defect[Retail Modules] Web POSmajorhave not tried2019-04-10 12:532019-04-30 11:55
ReportershuehnerView Statuspublic 
Assigned Toranjith_qualiantech_com 
PrioritynormalResolutionfixedFixed in Version
StatusclosedFix in branchFixed in SCM revision
ProjectionnoneETAnoneTarget Version
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Review Assigned Toadrianromero
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary

0040584: CashUpReport.doPost is not using bind-parameters

DescriptionThis code is not using bind-params:

      final String hqlCashup = "SELECT netsales, grosssales, netreturns, grossreturns, totalretailtransactions " //
          + " FROM OBPOS_App_Cashup " //
          + " WHERE id = '" + cashupId + "' "; //
      final Query<Object[]> cashupQuery = OBDal.getReadOnlyInstance()
          .getSession()
          .createQuery(hqlCashup, Object[].class);

and

      final String hqlTaxes = String.format("SELECT name, STR(ABS(amount)) " //
          + " FROM OBPOS_Taxcashup " //
          + " WHERE obpos_app_cashup_id='%s' AND ordertype='0' " //
          + " ORDER BY name ", cashupId);
      final Query<Object[]> salesTaxesQuery = OBDal.getReadOnlyInstance()
          .getSession()
          .createQuery(hqlTaxes, Object[].class);

and

      final String hqlReturnTaxes = String.format("SELECT name, STR(ABS(amount)) " //
          + " FROM OBPOS_Taxcashup " //
          + " WHERE obpos_app_cashup_id='%s' AND ordertype='1' " //
          + " ORDER BY name ", cashupId);
      final Query<Object[]> returnsTaxesQuery = OBDal.getReadOnlyInstance()
          .getSession()
          .createQuery(hqlReturnTaxes, Object[].class);
Steps To Reproduce-
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
depends on backport 0040716RR19Q2 closedranjith_qualiantech_com Retail Modules CashUpReport.doPost is not using bind-parameters 
depends on backport 0040717RR19Q1.1 closedranjith_qualiantech_com Retail Modules CashUpReport.doPost is not using bind-parameters 
blocks design defect 0038136 acknowledgedplatform Openbravo ERP Tracking issue: Find & Fix queries not using bind-params but embedding values into query string 

-  Notes
(0111090)
ranjith_qualiantech_com (developer)
2019-04-12 07:45

Repository: erp/pmods/org.openbravo.retail.posterminal
Changeset: c82334b59fdf53cb9b49284e8ff3a939c5c46d03
Author: Ranjith S R <ranjith <at> qualiantech.com>
Date: Fri Apr 12 11:13:56 2019 +0530
URL: http://code.openbravo.com/erp/pmods/org.openbravo.retail.posterminal/rev/c82334b59fdf53cb9b49284e8ff3a939c5c46d03 [^] [^]

Fixed issue 40584 : Update CashupReport query to use query parameter

---
M src/org/openbravo/retail/posterminal/ad_reports/CashUpReport.java
(0111270)
adrianromero (manager)
2019-04-24 12:46

Verified.
(0111385)
shuehner (administrator)
2019-04-30 11:55

Reopening just to schedule backports

- Issue History
Date Modified Username Field Change
2019-04-10 12:53 shuehner New Issue
2019-04-10 12:53 shuehner Assigned To => Retail
2019-04-10 12:53 shuehner Triggers an Emergency Pack => No
2019-04-10 12:53 shuehner Relationship added blocks 0038136
2019-04-11 11:53 ranjith_qualiantech_com Assigned To Retail => ranjith_qualiantech_com
2019-04-12 07:24 ranjith_qualiantech_com Status new => scheduled
2019-04-12 07:45 ranjith_qualiantech_com Note Added: 0111090
2019-04-12 07:45 ranjith_qualiantech_com Status scheduled => resolved
2019-04-12 07:45 ranjith_qualiantech_com Resolution open => fixed
2019-04-24 12:46 adrianromero Review Assigned To => adrianromero
2019-04-24 12:46 adrianromero Note Added: 0111270
2019-04-24 12:46 adrianromero Status resolved => closed
2019-04-24 12:46 adrianromero Fixed in Version => RR19Q3
2019-04-30 11:55 shuehner Note Added: 0111385
2019-04-30 11:55 shuehner Status closed => new
2019-04-30 11:55 shuehner Resolution fixed => open
2019-04-30 11:55 shuehner Fixed in Version RR19Q3 =>
2019-04-30 11:55 shuehner Status new => scheduled
2019-04-30 11:55 shuehner Status scheduled => resolved
2019-04-30 11:55 shuehner Resolution open => fixed
2019-04-30 11:55 shuehner Status resolved => closed


Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker