6.0.0-alpha14
7/3/25

[#6552] DB Error: syntax error when searching with no criteria
Summary DB Error: syntax error when searching with no criteria
Queue Hermes
Type Bug
State Resolved
Priority 1. Low
Owners jan (at) horde (dot) org
Requester php (at) ideacode (dot) com
Created 03/31/2008 (6303 days ago)
Due
Updated 10/02/2009 (5753 days ago)
Assigned
Resolved 04/04/2008 (6299 days ago)
Github Issue Link
Github Pull Request
Milestone
Patch No

History
10/02/2009 03:20:22 AM HJTR (at) hotmail (dot) com Comment #4 Reply to this comment
How do I remove my email Address? Apparently It is controlled (in my 
name) by a woman who I no longer have dealings with.
04/04/2008 11:45:52 AM Jan Schneider Comment #3
Assigned to Jan Schneider
State ⇒ Resolved
Reply to this comment
Committed, thanks. I also fixed the link_page parameter being passed 
in as a criteria.
03/31/2008 11:14:55 PM php (at) ideacode (dot) com Comment #2 Reply to this comment
Ugh. Can someone edit comment #1 and remove that email address I 
included? I don't want a spam bot getting it.  Thanks.
03/31/2008 11:13:33 PM php (at) ideacode (dot) com Comment #1
Priority ⇒ 1. Low
New Attachment: issue.diff Download
Patch ⇒ No
Milestone ⇒
Queue ⇒ Hermes
Summary ⇒ DB Error: syntax error when searching with no criteria
Type ⇒ Bug
State ⇒ Unconfirmed
Reply to this comment
As a user with hermes:review permission, click Search in the top menu 
bar, then -- without selecting any criteria -- click Search 
immediately.  A "DB Error: syntax error" is returned, when I expect to 
see all entered hours.



In non-reviewer cases, the "employee" criterion is always passed 
implicitly, as that's the filter used to limit that person's search.   
Thus inspecting $sql at hermes/lib/Driver/sql.php:280 shows $filters as:

array(2) {

   ["employee"]=>

   string(21) "pmvaleri@ideacode.com"

   ["link_page"]=>

   string(10) "search.php"

}



When doing that same query as a reviewer, however, $filters is:

array(1) {

   ["link_page"]=>

   string(10) "search.php"

}



The problem is that $filters contains one entry, which causes the 
WHERE clause keyword to be inserted into the SQL statement, but then 
no actual criteria are added after the WHERE clause, since link_page 
is not a criterion but an option being passed in for the function to 
use otherwise.



The best fix is to insert the WHERE keyword only when certain there's 
actually a where clause.  Unified diff attached.

Saved Queries