Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0040699
TypeCategorySeverityReproducibilityDate SubmittedLast Update
backport[Openbravo ERP] Z. Othersminorhave not tried2019-04-04 13:382019-05-03 12:02
ReporteralostaleView Statuspublic 
Assigned Tononofrancisco 
PrioritynormalResolutionfixedFixed in Version3.0PR19Q2
StatusclosedFix in branchFixed in SCM revisiona6071ba31e77
ProjectionnoneETAnoneTarget Version3.0PR19Q2
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Review Assigned Tovmromanos
Web browser
ModulesCore
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary

0040699: use bind-parameters in FactLine

DescriptionFactLine.getDescription method is generating a sql setting parameters by String concatenation, replace tokens by bind parameters.
Steps To Reproduce-
Proposed SolutionIf query can be executed in Dal transaction can be done as:

        strSql = strSql.replaceAll("@RecordId@", ":recordId").replaceAll("@Line@", ":lineId");
        description.append(OBDal.getInstance().getSession()
            .createNativeQuery(strSql)
            .setParameter("lineId", localStrLine)
            .setParameter("recordId", strRecord_ID)
            .uniqueResult());
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
blocks defect 0040523 closednonofrancisco use bind-parameters in FactLine 

-  Notes
(0111466)
hgbot (developer)
2019-05-03 11:28

 Repository: erp/backports/3.0PR19Q2
Changeset: a6071ba31e77bbd096a9ea96de16cb61eac7b7bd
Author: Nono Carballo <nonofce <at> gmail.com>
Date: Thu May 02 12:00:38 2019 -0400
URL: http://code.openbravo.com/erp/backports/3.0PR19Q2/rev/a6071ba31e77bbd096a9ea96de16cb61eac7b7bd [^]

Fixes issue 40699: Uses bind parameters in query

Instead of using string concatenation to form the query, bind parameters are
used.

---
M src/org/openbravo/erpCommon/ad_forms/FactLine.java
---
(0111467)
hgbot (developer)
2019-05-03 11:28

 Repository: erp/backports/3.0PR19Q2
Changeset: 210417cb1b7e165b4399d2b909a80be3f19915c1
Author: Víctor Martínez Romanos <victor.martinez <at> openbravo.com>
Date: Fri May 03 09:54:13 2019 +0200
URL: http://code.openbravo.com/erp/backports/3.0PR19Q2/rev/210417cb1b7e165b4399d2b909a80be3f19915c1 [^]

Related to issue 40699: code review improvements
Centralize localStrLine definition in just one line, when it's used.
Change parameter names to make more difficult to have conflicts with user defined params.
Remove 'if' for corner case. This creates a very small change in this scenario:
  select 'RecordId: ' || @RecordId@ || ', Line: ' || @Line@ from dual
  When Line is null then:
    Before: NULL
    After: RecordId: 3232199ED4824EE3A07BCC1E580ABFE7, Line: NULL

---
M src/org/openbravo/erpCommon/ad_forms/FactLine.java
---
(0111471)
vmromanos (manager)
2019-05-03 12:02

 Code review + testing OK

- Issue History
Date Modified Username Field Change
2019-04-29 13:34 nonofrancisco Type defect => backport
2019-04-29 13:34 nonofrancisco Target Version => 3.0PR19Q2
2019-05-03 11:28 hgbot Checkin
2019-05-03 11:28 hgbot Note Added: 0111466
2019-05-03 11:28 hgbot Status scheduled => resolved
2019-05-03 11:28 hgbot Resolution open => fixed
2019-05-03 11:28 hgbot Fixed in SCM revision => http://code.openbravo.com/erp/backports/3.0PR19Q2/rev/a6071ba31e77bbd096a9ea96de16cb61eac7b7bd [^]
2019-05-03 11:28 hgbot Checkin
2019-05-03 11:28 hgbot Note Added: 0111467
2019-05-03 12:02 vmromanos Review Assigned To => vmromanos
2019-05-03 12:02 vmromanos Note Added: 0111471
2019-05-03 12:02 vmromanos Status resolved => closed
2019-05-03 12:02 vmromanos Fixed in Version => 3.0PR19Q2

Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker