schuetz3/schuetz3-erpnext
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: using query.walk() for escaping

Browse Source 
(cherry picked from commit 5ea131c763)
This commit is contained in:
ljain112
2024-12-17 18:49:38 +05:30
committed by Mergify
parent 83aeb2e475
commit 40a8ed8571
1 changed files with 2 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
erpnext/accounts/report/financial_statements.py
View File

@@ -527,8 +527,6 @@ def get_accounting_entries(
account_filter_query = get_account_filter_query(root_lft, root_rgt, root_type, gl_entry) account_filter_query = get_account_filter_query(root_lft, root_rgt, root_type, gl_entry)
query = query.where(ExistsCriterion(account_filter_query)) query = query.where(ExistsCriterion(account_filter_query))
query = query.get_sql()
from frappe.desk.reportview import build_match_conditions from frappe.desk.reportview import build_match_conditions
match_conditions = build_match_conditions(doctype) match_conditions = build_match_conditions(doctype)
@@ -536,9 +534,9 @@ def get_accounting_entries(
if match_conditions: if match_conditions:
query += "and" + match_conditions query += "and" + match_conditions
entries = frappe.db.sql(query, as_dict=True) query, params = query.walk()
return entries return frappe.db.sql(query, params, as_dict=True)
def get_account_filter_query(root_lft, root_rgt, root_type, gl_entry): def get_account_filter_query(root_lft, root_rgt, root_type, gl_entry):