fineract-commits mailing list archives

From GitBox <...@apache.org>
Subject [GitHub] [fineract] thesmallstar opened a new pull request #1171: FINERACT-854 Removed string concatenated SQL in GroupReadPlatform
Date Sun, 12 Jul 2020 20:32:28 GMT

thesmallstar opened a new pull request #1171:
URL: https://github.com/apache/fineract/pull/1171


   There are 3 things to be reviewed:
   1. Why is "o.hierarchy like" added two times? - I could not find any particular reason:
   -> The only reason that makes sense is we want it to be like X and also Y (which may be required).
   
   2.   I did not get what the following code was supposed to do. 
   ```
   if (StringUtils.isNotBlank(extraCriteria.toString())) {
               extraCriteria.delete(0, 4);
           }
   ```
   Also this part
   `and g.staff_id = ? `
   was added twice, with nearly the same condition. I have removed one of them.
   
   3. The same problem that was in #1123: we take the SQL template from the user, which can be any SQL query string. How do we prevent SQL injection in that case?
   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org
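
Added example, not part of the original message and not Fineract's code: a sketch of building optional search criteria with `?` placeholders instead of concatenated values. It assumes every fragment is accumulated with a leading " and", which is one situation where dropping the first four characters (as in the `delete(0, 4)` pattern quoted above) makes sense. The class name, table names and the `display_name` column are hypothetical.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

// Added illustration; class, table and display_name column are hypothetical.
public class GroupSearchCriteria {
    private final StringBuilder extraCriteria = new StringBuilder();
    private final List<Object> params = new ArrayList<>();

    // fixedFragment is a constant from the code base and contains a "?" marker;
    // the caller-supplied value is stored in params and never enters the SQL text.
    public GroupSearchCriteria and(String fixedFragment, Object value) {
        if (value != null) {
            extraCriteria.append(" and ").append(fixedFragment);
            params.add(value);
        }
        return this;
    }

    // Every fragment was appended as " and ...", so the first four characters
    // (" and") are dropped before the clause is placed after "where".
    public String whereClause() {
        if (extraCriteria.length() == 0) {
            return "";
        }
        return " where" + extraCriteria.substring(4);
    }

    public Object[] params() {
        return params.toArray();
    }

    public static void main(String[] args) {
        String hostileName = "x' or '1'='1"; // constructed input
        GroupSearchCriteria c = new GroupSearchCriteria()
                .and("g.staff_id = ?", 7L)
                .and("o.hierarchy like ?", ".1.%")
                .and("g.display_name like ?", "%" + hostileName + "%");

        String sql = "select g.id from group_tbl g join office_tbl o on o.id = g.office_id"
                + c.whereClause();
        // Prints only fixed fragments and "?" markers; the quote characters in
        // hostileName appear in the parameter array, not in the statement.
        System.out.println(sql);
        System.out.println(Arrays.toString(c.params()));
        // Bind params in order through a PreparedStatement (setObject per "?").
    }
}
```

Binding values this way covers the concatenated criteria only; it does not constrain a SQL template that is itself supplied by the user, which is the separate question raised in item 3.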


