Anonymous | Login
Project:
RSS
  
News | My View | View Issues | Roadmap | Summary

View Issue DetailsJump to Notes ] Issue History ] Print ]
ID
0041258
TypeCategorySeverityReproducibilityDate SubmittedLast Update
backport[Openbravo ERP] 09. Financial managementmajorhave not tried2019-06-27 18:092019-07-16 16:42
ReportershuehnerView Statuspublic 
Assigned ToTriage Omni OMS 
PrioritynormalResolutionfixedFixed in Version3.0PR19Q3
StatusclosedFix in branchFixed in SCM revision8742d03be063
ProjectionnoneETAnoneTarget Version3.0PR19Q3
OSAnyDatabaseAnyJava version
OS VersionDatabase versionAnt version
Product VersionSCM revision 
Review Assigned Todmiguelez
Web browser
ModulesCore
Regression level
Regression date
Regression introduced in release
Regression introduced by commit
Triggers an Emergency PackNo
Summary

0041258: PaymentReportDao is not using bind-param

DescriptionSeveral cases in that file are not using bind-param both for simple values i.e. here:
          hsqlScript.append(" and fpsd.");
          hsqlScript.append(FIN_PaymentScheduleDetail.PROPERTY_ORGANIZATION);
          hsqlScript.append(".id = '");
          hsqlScript.append(strOrg);
          hsqlScript.append("'");

as well as for list of values in in-clauses:
          hsqlScript.append(".id in ('");
          Set<String> orgChildTree = OBContext.getOBContext()
              .getOrganizationStructureProvider()
              .getChildTree(strOrg, true);
          Iterator<String> orgChildTreeIter = orgChildTree.iterator();
          while (orgChildTreeIter.hasNext()) {
            hsqlScript.append(orgChildTreeIter.next());
            orgChildTreeIter.remove();
            hsqlScript.append("'");
            if (orgChildTreeIter.hasNext()) {
              hsqlScript.append(", '");
            }
          }
          hsqlScript.append(")");
        }


Note: that setParameterList can be easily use to pass value lists directly see issue 40580 for an example
Steps To Reproduce-
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
blocks defect 00411993.0PR19Q4 closedcollazoandy4 PaymentReportDao is not using bind-param 

-  Notes
(0113435)
hgbot (developer)
2019-07-16 16:42

Repository: erp/backports/3.0PR19Q3
Changeset: 8742d03be06390b88c775566cc00e5d5a1200985
Author: Armaignac <collazoandy4 <at> gmail.com>
Date: Tue Jul 16 12:17:19 2019 +0200
URL: http://code.openbravo.com/erp/backports/3.0PR19Q3/rev/8742d03be06390b88c775566cc00e5d5a1200985 [^]

Fixes issue 41258: PaymentReportDao is not using bind-param

Applied bind-params in getPaymentReport method

---
M modules/org.openbravo.financial.paymentreport/src/org/openbravo/financial/paymentreport/erpCommon/ad_reports/PaymentReportDao.java
---
(0113438)
dmiguelez (developer)
2019-07-16 16:42

Code Review + Testing Ok

- Issue History
Date Modified Username Field Change
2019-07-03 17:00 shuehner Type defect => backport
2019-07-03 17:00 shuehner Target Version => 3.0PR19Q3
2019-07-16 16:42 hgbot Checkin
2019-07-16 16:42 hgbot Note Added: 0113435
2019-07-16 16:42 hgbot Status scheduled => resolved
2019-07-16 16:42 hgbot Resolution open => fixed
2019-07-16 16:42 hgbot Fixed in SCM revision => http://code.openbravo.com/erp/backports/3.0PR19Q3/rev/8742d03be06390b88c775566cc00e5d5a1200985 [^]
2019-07-16 16:42 dmiguelez Review Assigned To => dmiguelez
2019-07-16 16:42 dmiguelez Note Added: 0113438
2019-07-16 16:42 dmiguelez Status resolved => closed
2019-07-16 16:42 dmiguelez Fixed in Version => 3.0PR19Q3


Copyright © 2000 - 2009 MantisBT Group
Powered by Mantis Bugtracker