Fix quote issues (#15497)

* Fix quotes issues

* Remove frappe.db.escape
- Handle escape in the update_linked_doctypes method
Suraj Shetty
2018-09-26 18:15:53 +05:30
committed by Nabin Hait
parent 171c7d4128
commit 6ea3de9521
4 changed files with 11 additions and 11 deletions


@@ -219,7 +219,7 @@ def bom(doctype, txt, searchfield, start, page_len, filters):
def get_project_name(doctype, txt, searchfield, start, page_len, filters):
cond = ''
if filters.get('customer'):
cond = """(`tabProject`.customer = '%s' or
cond = """(`tabProject`.customer = %s or
ifnull(`tabProject`.customer,"")="") and""" %(frappe.db.escape(filters.get("customer")))
return frappe.db.sql("""select `tabProject`.name from `tabProject`
@@ -398,7 +398,7 @@ def warehouse_query(doctype, txt, searchfield, start, page_len, filters):
CONCAT_WS(" : ", "Actual Qty", ifnull( ({sub_query}), 0) ) as actual_qty
from `tabWarehouse`
where
`tabWarehouse`.`{key}` like '{txt}'
`tabWarehouse`.`{key}` like {txt}
{fcond} {mcond}
order by
`tabWarehouse`.name desc
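Review bot: With the quotes removed from `like {txt}` in warehouse_query, the statement is only well-formed and injection-safe if the `txt` value formatted in outside this hunk is already a quoted, escaped literal; nothing in the visible lines enforces that, so a later edit that passes the raw search text would go unnoticed. The same coupling exists in get_project_name, where the result of `frappe.db.escape(...)` is still spliced in with Python `%` and must now supply the surrounding quotes itself. Binding the values removes that dependence, for example `like %(txt)s` here and `customer = %(customer)s` in the first hunk, with the values passed as the second argument of `frappe.db.sql`. `{key}` on the same line is a column identifier that value escaping cannot cover, so it should be checked against the doctype's known fields before formatting; whether that already happens is not visible here. Both function bodies continue outside the hunks.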