| Summary | DB Error: syntax error when searching with no criteria |
| Queue | Hermes |
| Type | Bug |
| State | Resolved |
| Priority | 1. Low |
| Owners | jan (at) horde (dot) org |
| Requester | php (at) ideacode (dot) com |
| Created | 2008-03-31 (4040 days ago) |
| Due | |
| Updated | 2009-10-02 (3490 days ago) |
| Assigned | |
| Resolved | 2008-04-04 (4036 days ago) |
| Milestone | |
| Patch | No |
name) by a woman who I no longer have dealings with.
Assigned to Jan Schneider
State ⇒ Resolved
in as a criteria.
#1and remove that email address Iincluded? I don't want a spam bot getting it. Thanks.
Type ⇒ Bug
State ⇒ Unconfirmed
Priority ⇒ 1. Low
Summary ⇒ DB Error: syntax error when searching with no criteria
Queue ⇒ Hermes
Milestone ⇒
Patch ⇒ No
New Attachment: issue.diff
bar, then -- without selecting any criteria -- click Search
immediately. A "DB Error: syntax error" is returned, when I expect to
see all entered hours.
In non-reviewer cases, the "employee" criterion is always passed
implicitly, as that's the filter used to limit that person's search.
Thus inspecting $sql at hermes/lib/Driver/sql.php:280 shows $filters as:
array(2) {
["employee"]=>
string(21) "pmvaleri@ideacode.com"
["link_page"]=>
string(10) "search.php"
}
When doing that same query as a reviewer, however, $filters is:
array(1) {
["link_page"]=>
string(10) "search.php"
}
The problem is that $filters contains one entry, which causes the
WHERE clause keyword to be inserted into the SQL statement, but then
no actual criteria are added after the WHERE clause, since link_page
is not a criterion but an option being passed in for the function to
use otherwise.
The best fix is to insert the WHERE keyword only when certain there's
actually a where clause. Unified diff attached.