}
if ($form->{"cp_name"}) {
$where .= " AND (cp.cp_name ILIKE ? OR cp.cp_givenname ILIKE ?)";
- push(@values, ('%' . trim($form->{"cp_name"}) . '%')x2);
+ push(@values, (like($form->{"cp_name"}))x2);
}
if ($form->{department}) {
# ähnlich wie commit 0bbfb33b6aa8e38bb6c81d1684ab7d08e5b5c5af abteilung
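Review bot: The value bound by the added `push(@values, (like($form->{"cp_name"}))x2);` line is still interpreted as a LIKE pattern, and nothing visible in this commit shows whether `like()` escapes the metacharacters `%` and `_` in the user's term. If the helper only trims and wraps the term in `%`, a term made up of `%` or `_` keeps matching every row, which for these unanchored ILIKE filters means a full scan on request. A comment at the helper stating its contract would settle this, for example `# like(): trims and wraps in %; % and _ inside the term are NOT escaped`, or the opposite if it does escape. The same question applies to every other `like(...)` call site in this commit. The enclosing function starts and ends outside the hunk.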
}
if ($form->{"cp_name"}) {
$where .= " AND (cp.cp_name ILIKE ? OR cp.cp_givenname ILIKE ?)";
- push(@values, ('%' . trim($form->{"cp_name"}) . '%')x2);
+ push(@values, (like($form->{"cp_name"}))x2);
}
if ($form->{business_id}) {
my $business_id = $form->{business_id};
push(@values, $department_id);
}
if ($form->{department}) {
- my $department = "%" . trim($form->{department}) . "%";
+ my $department = like($form->{department});
$where .= " AND d.description ILIKE ?";
push(@values, $department);
}
qq|FROM chart | .
qq|WHERE link LIKE ? |.
qq|ORDER BY accno|;
- my $sth = prepare_execute_query($form, $dbh, $query, '%' . $ARAP . '%');
+ my $sth = prepare_execute_query($form, $dbh, $query, like($ARAP));
$form->{PR}{ $form->{ARAP} } = ();
$form->{PR}{"$form->{ARAP}_paid"} = ();
if ($form->{"${cv}number"}) {
$where .= " AND ct.${cv}number ILIKE ?";
- push(@values, '%' . $form->{"${cv}number"} . '%');
+ push(@values, like($form->{"${cv}number"}));
}
foreach my $key (qw(name contact email)) {
if ($form->{$key}) {
$where .= " AND ct.$key ILIKE ?";
- push(@values, '%' . $form->{$key} . '%');
+ push(@values, like($form->{$key}));
}
}
if ($form->{cp_name}) {
$where .= " AND ct.id IN (SELECT cp_cv_id FROM contacts WHERE lower(cp_name) LIKE lower(?))";
- push @values, '%' . $form->{cp_name} . '%';
+ push @values, like($form->{cp_name});
}
if ($form->{addr_street}) {
qq| WHERE (sc.module = 'CT') | .
qq| AND (sc.shiptostreet ILIKE ?) | .
qq| ))) |;
- push @values, ('%' . $form->{addr_street} . '%') x 2;
+ push @values, (like($form->{addr_street})) x 2;
}
if ($form->{addr_zipcode}) {
qq| WHERE (sc.module = 'CT') | .
qq| AND (sc.shiptozipcode ILIKE ?) | .
qq| ))) |;
- push @values, ('%' . $form->{addr_zipcode} . '%') x 2;
+ push @values, (like($form->{addr_zipcode})) x 2;
}
if ($form->{addr_city}) {
AND (lower(sc.shiptocity) LIKE lower(?))
))
)";
- push @values, ('%' . $form->{addr_city} . '%') x 2;
+ push @values, (like($form->{addr_city})) x 2;
}
if ($form->{addr_country}) {
AND (lower(so.shiptocountry) LIKE lower(?))
))
)";
- push @values, ('%' . $form->{addr_country} . '%') x 2;
+ push @values, (like($form->{addr_country})) x 2;
}
if ($form->{addr_gln}) {
AND (lower(so.shiptogln) LIKE lower(?))
))
)";
- push @values, ('%' . $form->{addr_gln} . '%') x 2;
+ push @values, (like($form->{addr_gln})) x 2;
}
if ( $form->{status} eq 'orphaned' ) {
'cp.cp_name ILIKE ?',
'cp.cp_givenname ILIKE ?',
'cp.cp_email ILIKE ?';
- push @values, ('%' . $params{search_term} . '%') x 3;
+ push @values, (like($params{search_term})) x 3;
if (($params{search_term} =~ m/\d/) && ($params{search_term} !~ m/[^\d \(\)+\-]/)) {
my $number = $params{search_term};
next unless ($params{filter}->{$name});
push @sub_where, qq|cvar.text_value ILIKE ?|;
- push @sub_values, '%' . trim($params{filter}->{$name}) . '%'
+ push @sub_values, like($params{filter}->{$name});
} elsif ($config->{type} eq 'select') {
next unless ($params{filter}->{$name});
my $table = $config->{type};
push @sub_where, qq|cvar.number_value * 1 IN (SELECT id FROM $table WHERE name ILIKE ?)|;
- push @sub_values, "%" . trim($params{filter}->{$name}) . "%";
+ push @sub_values, like($params{filter}->{$name});
} elsif ($config->{type} eq 'part') {
next unless $params{filter}->{$name};
push @sub_where, qq|cvar.number_value * 1 IN (SELECT id FROM parts WHERE partnumber ILIKE ?)|;
- push @sub_values, "%" . trim($params{filter}->{$name}) . "%";
+ push @sub_values, like($params{filter}->{$name});
}
if (@sub_where) {
next unless $form->{$_};
$filter .= qq| AND ($_ ILIKE ?)|;
- push @filter_values, '%' . $form->{$_} . '%';
+ push @filter_values, like($form->{$_});
}
if ($form->{no_assemblies}) {
my (@filter_values, $filter);
if ($form->{"name"}) {
$filter .= " AND (TABLE.name ILIKE ?)";
- push(@filter_values, '%' . $form->{"name"} . '%');
+ push(@filter_values, like($form->{"name"}));
}
if (!$form->{"obsolete"}) {
$filter .= " AND NOT TABLE.obsolete";
my (@filter_values, $filter);
if ($form->{"name"}) {
$filter .= qq| (name ILIKE ?) AND|;
- push(@filter_values, '%' . $form->{"name"} . '%');
+ push(@filter_values, like($form->{"name"}));
}
$order_by =~ s/[^a-zA-Z_]//g;
my (@filter_values, $filter);
if ($form->{"name"}) {
$filter .= qq| (name ILIKE ?) AND|;
- push(@filter_values, '%' . $form->{"name"} . '%');
+ push(@filter_values, like($form->{"name"}));
}
$order_by =~ s/[^a-zA-Z_]//g;
use SL::DB::Tax;
use SL::DB::Draft;
use SL::DB::BankAccount;
+use SL::DBUtils qw(like);
use SL::Presenter;
use List::Util qw(max);
my @where_purchase = (amount => { ne => \'paid' });
if ($::form->{invnumber}) {
- push @where_sale, (invnumber => { ilike => '%' . $::form->{invnumber} . '%'});
- push @where_purchase, (invnumber => { ilike => '%' . $::form->{invnumber} . '%'});
+ push @where_sale, (invnumber => { ilike => like($::form->{invnumber})});
+ push @where_purchase, (invnumber => { ilike => like($::form->{invnumber})});
}
if ($::form->{amount}) {
}
if ($::form->{vcnumber}) {
- push @where_sale, ('customer.customernumber' => { ilike => '%' . $::form->{vcnumber} . '%'});
- push @where_purchase, ('vendor.vendornumber' => { ilike => '%' . $::form->{vcnumber} . '%'});
+ push @where_sale, ('customer.customernumber' => { ilike => like($::form->{vcnumber})});
+ push @where_purchase, ('vendor.vendornumber' => { ilike => like($::form->{vcnumber})});
}
if ($::form->{vcname}) {
- push @where_sale, ('customer.name' => { ilike => '%' . $::form->{vcname} . '%'});
- push @where_purchase, ('vendor.name' => { ilike => '%' . $::form->{vcname} . '%'});
+ push @where_sale, ('customer.name' => { ilike => like($::form->{vcname})});
+ push @where_purchase, ('vendor.name' => { ilike => like($::form->{vcname})});
}
if ($::form->{transdatefrom}) {
use SL::DB::PurchaseInvoice;
use SL::DB::RecordLink;
use SL::DB::RequirementSpec;
+use SL::DBUtils qw(like);
use SL::JSON;
use SL::Locale::String;
my $filter = $self->link_type_desc->{filter};
my @where = $filter && $manager->can($filter) ? $manager->$filter($self->link_type) : ();
- push @where, ("${vc}.${vc}number" => { ilike => '%' . $::form->{vc_number} . '%' }) if $::form->{vc_number};
- push @where, ("${vc}.name" => { ilike => '%' . $::form->{vc_name} . '%' }) if $::form->{vc_name};
- push @where, ($description => { ilike => '%' . $::form->{transaction_description} . '%' }) if $::form->{transaction_description};
- push @where, ($project_id => $::form->{globalproject_id}) if $::form->{globalproject_id} && $manager->can($project_id);
+ push @where, ("${vc}.${vc}number" => { ilike => like($::form->{vc_number}) }) if $::form->{vc_number};
+ push @where, ("${vc}.name" => { ilike => like($::form->{vc_name}) }) if $::form->{vc_name};
+ push @where, ($description => { ilike => like($::form->{transaction_description}) }) if $::form->{transaction_description};
+ push @where, ($project_id => $::form->{globalproject_id}) if $::form->{globalproject_id} && $manager->can($project_id);
my @with_objects = ($vc);
push @with_objects, $project if $manager->can($project_id);
use SL::Controller::CustomerVendor;
use SL::DB::Vendor;
-use SL::DBUtils qw(selectfirst_array_query);
+use SL::DBUtils qw(selectfirst_array_query like);
use SL::Locale::String qw(t8);
sub auth { 'customer_vendor_edit' }
my $result = SL::DB::Manager::Contact->get_all(
query => [
or => [
- cp_name => { ilike => "%$::form->{term}%" },
- cp_givenname => { ilike => "%$::form->{term}%" },
- cp_email => { ilike => "%$::form->{term}%" },
+ cp_name => { ilike => like($::form->{term}) },
+ cp_givenname => { ilike => like($::form->{term}) },
+ cp_email => { ilike => like($::form->{term}) },
],
cp_cv_id => [ \'SELECT id FROM customer UNION SELECT id FROM vendor' ],
],
use SL::DB::PurchaseInvoice;
use SL::DB::AccTransaction;
use SL::Locale::String qw(t8);
+use SL::DBUtils qw(like);
use List::Util qw(sum);
sub auth { 'general_ledger' }
my $limit = $::form->{limit} || 40; # max number of results per type (AR/AP/GL)
my $term = $::form->{term} || '';
- my $descriptionquery = { ilike => '%' . $term . '%' };
- my $referencequery = { ilike => '%' . $term . '%' };
- my $apinvnumberquery = { ilike => '%' . $term . '%' };
- my $namequery = { ilike => '%' . $term . '%' };
- my $arinvnumberquery = { ilike => '%' . $term };
+ my $descriptionquery = { ilike => like($term) };
+ my $referencequery = { ilike => like($term) };
+ my $apinvnumberquery = { ilike => like($term) };
+ my $namequery = { ilike => like($term) };
+ my $arinvnumberquery = { ilike => '%' . SL::Util::trim($term) };
# ar match is more restrictive. Left fuzzy beginning so it also matches "Storno zu $INVNUMBER"
# and numbers like 000123 if you only enter 123.
# When used in quicksearch short numbers like 1 or 11 won't match because of the
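Review bot: The added `$arinvnumberquery` line calls `SL::Util::trim` by its fully qualified name, but the import hunk for this file adds only `use SL::DBUtils qw(like);`. The call therefore depends on some other module having loaded SL::Util. Unless the file already loads it outside the visible hunks, add `use SL::Util qw(trim);` and write `{ ilike => '%' . trim($term) }`. Because this pattern is assembled by hand, it will not pick up any later change made inside `like()`; the existing comment below it is a good place to say so.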
id => \&conv_i,
bool => \&conv_b,
date => \&conv_date,
- start => sub { $_[0] . '%' },
- end => sub { '%' . $_[0] },
- substr => sub { '%' . $_[0] . '%' },
+ start => sub { trim($_[0]) . '%' },
+ end => sub { '%' . trim($_[0]) },
+ substr => sub { like($_[0]) },
);
my $_long_token = sub {
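Review bot: The `start` and `end` converters now build their patterns by hand with `trim(...)`, while `substr` goes through `like()`, so the three search modes do not share one code path for pattern building. If `like()` is changed later, for example to escape `%` and `_`, prefix and suffix searches would silently keep the old behaviour. A comment above the two entries would record the dependency, such as `# start/end: trimmed like substr, but built without like() - keep in sync`. The hash these entries belong to starts outside the hunk, and whether `trim` is imported in this file is not visible here.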
} elsif ($form->{customer}) {
$where .= qq| AND (ct.name ILIKE ?)|;
- push(@values, '%' . trim($form->{customer}) . '%');
+ push(@values, like($form->{customer}));
}
my %columns = (
foreach my $key (keys(%columns)) {
next unless ($form->{$key});
$where .= qq| AND $columns{$key} ILIKE ?|;
- push(@values, '%' . trim($form->{$key}) . '%');
+ push(@values, like($form->{$key}));
}
if ($form->{dunning_level}) {
} elsif ($form->{customer}) {
$where .= qq| AND (ct.name ILIKE ?)|;
- push(@values, '%' . $form->{customer} . '%');
+ push(@values, like($form->{customer}));
}
my %columns = (
foreach my $key (keys(%columns)) {
next unless ($form->{$key});
$where .= qq| AND $columns{$key} ILIKE ?|;
- push(@values, '%' . $form->{$key} . '%');
+ push(@values, like($form->{$key}));
}
if ($form->{dunning_level}) {
} elsif ($form->{$vc}) {
push @where, qq|ct.name ILIKE ?|;
- push @values, '%' . trim($form->{$vc}) . '%';
+ push @values, like($form->{$vc});
}
if ($form->{"cp_name"}) {
push @where, "(cp.cp_name ILIKE ? OR cp.cp_givenname ILIKE ?)";
- push @values, ('%' . trim($form->{"cp_name"}) . '%')x2;
+ push @values, (like($form->{"cp_name"}))x2;
}
foreach my $item (qw(employee_id salesman_id)) {
foreach my $item (qw(donumber ordnumber cusordnumber transaction_description)) {
next unless ($form->{$item});
push @where, qq|dord.$item ILIKE ?|;
- push @values, '%' . trim($form->{$item}) . '%';
+ push @values, like($form->{$item});
}
if (($form->{open} || $form->{closed}) &&
if ($form->{serialnumber}) {
push @where, 'dord.id IN (SELECT doi.delivery_order_id FROM delivery_order_items doi WHERE doi.serialnumber LIKE ?)';
- push @values, '%' . trim($form->{serialnumber}) . '%';
+ push @values, like($form->{serialnumber});
}
if($form->{transdatefrom}) {
foreach my $item (qw(subject body)) {
next unless ($params{$item});
$where .= qq| AND (n.${item} ILIKE ?)|;
- push @values, '%' . $params{$item} . '%';
+ push @values, like($params{$item});
}
if ($params{reference}) {
WHERE (ful.follow_up_id = fu.id)
AND (ful.trans_info ILIKE ?)
LIMIT 1)|;
- push @values, '%' . $params{reference} . '%';
+ push @values, like($params{reference});
}
if ($params{follow_up_date_from}) {
my $where;
if ($self->{customernumber} ne "") {
$where = qq|(vc.customernumber ILIKE ?)|;
- push(@values, '%' . $self->{customernumber} . '%');
+ push(@values, like($self->{customernumber}));
} else {
$where = qq|(vc.name ILIKE ?)|;
- push(@values, '%' . $self->{$table} . '%');
+ push(@values, like($self->{$table}));
}
$query =
JOIN $table vc ON (a.${table}_id = vc.id)
WHERE NOT (a.amount = a.paid) AND (vc.name ILIKE ?)
ORDER BY vc.name~;
- push(@values, '%' . $self->{$table} . '%');
+ push(@values, like($self->{$table}));
}
$self->{name_list} = selectall_hashref_query($self, $dbh, $query, @values);
$sth = $dbh->prepare($query);
- do_statement($self, $sth, $query, '%' . $module . '%');
+ do_statement($self, $sth, $query, like($module));
$self->{accounts} = "";
while ($ref = $sth->fetchrow_hashref("NAME_lc")) {
ORDER BY c.accno|;
$sth = $dbh->prepare($query);
- do_statement($self, $sth, $query, "%$module%");
+ do_statement($self, $sth, $query, like($module));
$self->{accounts} = "";
while ($ref = $sth->fetchrow_hashref("NAME_lc")) {
if ($form->{all}) {
$form->{"l_$_"} = 1 for qw(partnumber description unit sellprice lastcost cvar_packaging linetotal);
push @where_tokens, "p.partnumber ILIKE ? OR p.description ILIKE ?";
- push @bind_vars, "%$form->{all}%", "%$form->{all}%";
+ push @bind_vars, (like($form->{all})) x 2;
}
# special case insertdate
# connect to database
my $dbh = $form->get_standard_dbh;
- my @values = ('%' . $module . '%');
+ my @values = like($module);
my $query;
if ($form->{id}) {
my $field = (split m{\.}, $table_column)[1];
next unless $form->{"${field}_${i}"};
$where .= " AND lower(${table_column}) LIKE lower(?)";
- push @values, '%' . $form->{"${field}_${i}"} . '%';
+ push @values, like($form->{"${field}_${i}"});
}
my (%mm_by_id);
LEFT JOIN parts ON parts.id = parts_id
WHERE NOT parts.obsolete AND model ILIKE ? AND (make IS NULL OR make = ?);
|;
- my $mm_results = selectall_hashref_query($::form, $dbh, $mm_query, '%' . $form->{"partnumber_$i"} . '%', $::form->{vendor_id});
+ my $mm_results = selectall_hashref_query($::form, $dbh, $mm_query, like($form->{"partnumber_$i"}), $::form->{vendor_id});
my @mm_ids = map { $_->{parts_id} } @$mm_results;
push @{$mm_by_id{ $_->{parts_id} } ||= []}, $_ for @$mm_results;
my ($table, $field) = split m/\./, $column;
next if !$form->{"${field}_${i}"};
$where .= qq| AND lower(${column}) ILIKE ?|;
- push @values, '%' . $form->{"${field}_${i}"} . '%';
+ push @values, like($form->{"${field}_${i}"});
}
my (%mm_by_id);
my $mm_query = qq|
SELECT parts_id, model FROM makemodel LEFT JOIN parts ON parts.id = parts_id WHERE NOT parts.obsolete AND model ILIKE ?;
|;
- my $mm_results = selectall_hashref_query($::form, $dbh, $mm_query, '%' . $form->{"partnumber_$i"} . '%');
+ my $mm_results = selectall_hashref_query($::form, $dbh, $mm_query, like($form->{"partnumber_$i"}));
my @mm_ids = map { $_->{parts_id} } @$mm_results;
push @{$mm_by_id{ $_->{parts_id} } ||= []}, $_ for @$mm_results;
WHERE proi.projectnumber ILIKE ? AND oi.trans_id = o.id
))
SQL
- push @values, "%" . $form->{"projectnumber"} . "%", "%" . $form->{"projectnumber"} . "%" ;
+ push @values, like($form->{"projectnumber"}), like($form->{"projectnumber"});
}
if ($form->{"business_id"}) {
} elsif ($form->{$vc}) {
$query .= " AND ct.name ILIKE ?";
- push(@values, '%' . trim($form->{$vc}) . '%');
+ push(@values, like($form->{$vc}));
}
if ($form->{"cp_name"}) {
$query .= " AND (cp.cp_name ILIKE ? OR cp.cp_givenname ILIKE ?)";
- push(@values, ('%' . trim($form->{"cp_name"}) . '%')x2);
+ push(@values, (like($form->{"cp_name"}))x2);
}
if (!$main::auth->assert('sales_all_edit', 1)) {
if ($form->{$ordnumber}) {
$query .= qq| AND o.$ordnumber ILIKE ?|;
- push(@values, '%' . trim($form->{$ordnumber}) . '%');
+ push(@values, like($form->{$ordnumber}));
}
if ($form->{cusordnumber}) {
$query .= qq| AND o.cusordnumber ILIKE ?|;
- push(@values, '%' . trim($form->{cusordnumber}) . '%');
+ push(@values, like($form->{cusordnumber}));
}
if($form->{transdatefrom}) {
if ($form->{shippingpoint}) {
$query .= qq| AND o.shippingpoint ILIKE ?|;
- push(@values, '%' . trim($form->{shippingpoint}) . '%');
+ push(@values, like($form->{shippingpoint}));
}
if ($form->{taxzone_id} ne '') { # taxzone_id could be 0
if ($form->{transaction_description}) {
$query .= qq| AND o.transaction_description ILIKE ?|;
- push(@values, '%' . trim($form->{transaction_description}) . '%');
+ push(@values, like($form->{transaction_description}));
}
if ($form->{periodic_invoices_active} ne $form->{periodic_invoices_inactive}) {
ct.name ILIKE ? OR
o.transaction_description ILIKE ?
)| for @tokens;
- push @values, ("%$_%")x4 for @tokens;
+ push @values, (like($_))x4 for @tokens;
}
my ($cvar_where, @cvar_values) = CVar->build_filter_query('module' => 'CT',
if ($form->{partsgroup}) {
$where .= qq| AND partsgroup ILIKE ?|;
- push(@values, '%' . $form->{partsgroup} . '%');
+ push(@values, like($form->{partsgroup}));
}
if ($form->{status} eq 'orphaned') {
if ($form->{pricegroup}) {
$where .= qq| AND pricegroup ILIKE ?|;
- push(@values, '%' . $form->{pricegroup} . '%');
+ push(@values, like($form->{pricegroup}));
}
if ($form->{status} eq 'orphaned') {
my $invnumber;
my $reference;
if ($form->{reference}) {
- $reference = $dbh->quote('%' . $form->{reference} . '%');
+ $reference = $dbh->quote(like($form->{reference}));
$invnumber = " AND (a.invnumber LIKE $reference)";
$reference = " AND (a.reference LIKE $reference)";
}
if ($form->{source}) {
- $where .= " AND (ac.source ILIKE " . $dbh->quote('%' . $form->{source} . '%') . ") ";
+ $where .= " AND (ac.source ILIKE " . $dbh->quote(like($form->{source})) . ") ";
}
if ($form->{memo}) {
- $where .= " AND (ac.memo ILIKE " . $dbh->quote('%' . $form->{memo} . '%') . ") ";
+ $where .= " AND (ac.memo ILIKE " . $dbh->quote(like($form->{memo})) . ") ";
}
my %sort_columns = (
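Review bot: `$form->{reference}`, `$form->{source}` and `$form->{memo}` are still spliced into the SQL text through `$dbh->quote(...)` instead of being bound, unlike nearly every other site this commit touches. `quote` protects the string literal, but the statement text here still varies with request data. The reference filter also uses `LIKE` where source and memo use `ILIKE`, which may or may not be intended. If the statement is executed with a bind list (not visible in this hunk), the filters could read `$where .= " AND (ac.source ILIKE ?) ";` followed by `push @values, like($form->{source});`, and likewise for memo and reference.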
if ($filter->{invnumber}) {
push @where_sub, "arap.invnumber ILIKE ?";
- push @values_sub, '%' . $filter->{invnumber} . '%';
+ push @values_sub, like($filter->{invnumber});
$joins_sub{$arap} = 1;
}
if ($filter->{message_id}) {
- push @values, '%' . $filter->{message_id} . '%';
+ push @values, like($filter->{message_id});
push @where, <<SQL;
se.id IN (
SELECT sepa_export_id
if ($filter->{vc}) {
push @where_sub, "vc.name ILIKE ?";
- push @values_sub, '%' . $filter->{vc} . '%';
+ push @values_sub, like($filter->{vc});
$joins_sub{$arap} = 1;
$joins_sub{vc} = 1;
}
}
if ($form->{partnumber}) {
$where .= qq| AND (p.partnumber ILIKE ?)|;
- push(@values, '%' . $form->{partnumber} . '%');
+ push(@values, like($form->{partnumber}));
}
if ($form->{partsgroup_id}) {
$where .= qq| AND (pg.id = ?)|;
}
if ($form->{country}) {
$where .= qq| AND (ct.country ILIKE ?)|;
- push(@values, '%' . $form->{country} . '%');
+ push(@values, like($form->{country}));
}
# when filtering for parts by description we probably want to filter by the description of the part as per the master data
# at least in the translation case we probably want the report to also include translated articles, so we have to filter via parts.description
if ($form->{description}) {
$where .= qq| AND (p.description ILIKE ?)|;
- push(@values, '%' . $form->{description} . '%');
+ push(@values, like($form->{description}));
}
if ($form->{transdatefrom}) {
$where .= " AND ar.transdate >= ?";