projects
/
kivitendo-erp.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
SQL injection bei Zahlungsverkehr behoben
[kivitendo-erp.git]
/
SL
/
RP.pm
diff --git
a/SL/RP.pm
b/SL/RP.pm
index
65cb302
..
c4a9503
100644
(file)
--- a/
SL/RP.pm
+++ b/
SL/RP.pm
@@
-531,13
+531,6
@@
sub get_accounts_g {
FROM acc_trans ac
LEFT JOIN chart c ON (c.id = ac.chart_id)
LEFT JOIN ar ON (ar.id = ac.trans_id)
FROM acc_trans ac
LEFT JOIN chart c ON (c.id = ac.chart_id)
LEFT JOIN ar ON (ar.id = ac.trans_id)
- LEFT JOIN taxkeys tk ON (tk.id = (
- SELECT id FROM taxkeys
- WHERE chart_id = ac.chart_id
- AND startdate <= COALESCE(ar.deliverydate,ar.transdate)
- ORDER BY startdate DESC LIMIT 1
- )
- )
WHERE ac.trans_id IN (SELECT DISTINCT trans_id FROM acc_trans WHERE 1=1 $subwhere)
GROUP BY c.$category
WHERE ac.trans_id IN (SELECT DISTINCT trans_id FROM acc_trans WHERE 1=1 $subwhere)
GROUP BY c.$category
@@
-1238,7
+1231,7
@@
sub aging {
"duedate", invoice, ${arap}.id, date_part('days', now() - duedate) as overduedays,
(SELECT $buysell
FROM exchangerate
"duedate", invoice, ${arap}.id, date_part('days', now() - duedate) as overduedays,
(SELECT $buysell
FROM exchangerate
- WHERE (${arap}.curr
= exchangerate.curr
)
+ WHERE (${arap}.curr
ency_id = exchangerate.currency_id
)
AND (exchangerate.transdate = ${arap}.transdate)) AS exchangerate
FROM ${arap}, ${ct}
WHERE ((paid != amount) OR (datepaid > (date $todate) AND datepaid is not null))
AND (exchangerate.transdate = ${arap}.transdate)) AS exchangerate
FROM ${arap}, ${ct}
WHERE ((paid != amount) OR (datepaid > (date $todate) AND datepaid is not null))