Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2026-02-07 16:41:48 +01:00
Code Issues Packages Projects Releases Wiki Activity

Code comment. Better _checkFilters

Browse Source
This commit is contained in:
Laurent Destailleur
2021-08-30 16:54:45 +02:00
parent 581efd0847
commit d2f3d134df
1 changed files with 12 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
htdocs/api/class/api.class.php
View File

@@ -310,14 +310,23 @@ class DolibarrApi
}
if ($tmp[$i] == ')') {
$counter--;
// TODO: After a closing ), only a " or " or " and " or end of string is allowed.
}
if ($counter < 0) {
$error = "Bad sqlfilters=".$sqlfilters;
$error = "Bad sqlfilters (too many closing parenthesis) = ".$sqlfilters;
dol_syslog($error, LOG_WARNING);
return false;
}
$i++;
}
if ($counter > 0) {
$error = "Bad sqlfilters (too many opening parenthesis) = ".$sqlfilters;
dol_syslog($error, LOG_WARNING);
return false;
}
return true;
}
@@ -327,7 +336,8 @@ class DolibarrApi
* Function to forge a SQL criteria
*
* @param array $matches Array of found string by regex search.
* Example: "t.ref:like:'SO-%'" or "t.date_creation:<:'20160101'" or "t.date_creation:<:'2016-01-01 12:30:00'" or "t.nature:is:NULL" or "t.nature:isnot:NULL"
* Each entry is 1 and only 1 criteria.
* Example: "t.ref:like:'SO-%'", "t.date_creation:<:'20160101'", "t.date_creation:<:'2016-01-01 12:30:00'", "t.nature:is:NULL", "t.field2:isnot:NULL"
* @return string Forged criteria. Example: "t.field like 'abc%'"
*/
protected static function _forge_criteria_callback($matches)