From d74658f5dddbb93a3c1f641041ad68374a0cbd0a Mon Sep 17 00:00:00 2001 From: Moritz Bunkus Date: Thu, 7 Apr 2016 13:02:33 +0200 Subject: [PATCH] =?utf8?q?Artikelsuche:=20bei=20Textfeldern=20f=C3=BChrend?= =?utf8?q?e/anh=C3=A4ngende=20Whitespaces=20entfernen?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit --- SL/IC.pm | 39 +++++++++++++++++++++------------------ 1 file changed, 21 insertions(+), 18 deletions(-) diff --git a/SL/IC.pm b/SL/IC.pm index 1a02c59c6..b707e88cb 100644 --- a/SL/IC.pm +++ b/SL/IC.pm @@ -42,6 +42,7 @@ use SL::CVar; use SL::DBUtils; use SL::HTML::Restrict; use SL::TransNumber; +use SL::Util qw(trim); use strict; @@ -590,12 +591,12 @@ sub retrieve_assemblies { if ($form->{partnumber}) { $where .= qq| AND (p.partnumber ILIKE ?)|; - push(@values, '%' . $form->{partnumber} . '%'); + push(@values, $::form->like($form->{partnumber})); } if ($form->{description}) { $where .= qq| AND (p.description ILIKE ?)|; - push(@values, '%' . $form->{description} . '%'); + push(@values, $::form->like($form->{description})); } # retrieve assembly items @@ -651,7 +652,7 @@ sub assembly_item { while (my ($column, $table) = each(%columns)) { next unless ($form->{"${column}_$i"}); $where .= qq| AND ${table}.${column} ILIKE ?|; - push(@values, '%' . $form->{"${column}_$i"} . '%'); + push(@values, $::form->like($form->{"${column}_$i"})); } if ($form->{id}) { @@ -862,13 +863,14 @@ sub all_parts { #===== switches and simple filters ========# # special case transdate - if (grep { $form->{$_} } qw(transdatefrom transdateto)) { + if (grep { trim($form->{$_}) } qw(transdatefrom transdateto)) { $form->{"l_transdate"} = 1; push @select_tokens, 'transdate'; for (qw(transdatefrom transdateto)) { - next unless $form->{$_}; + my $value = trim($form->{$_}); + next unless $value; push @where_tokens, sprintf "transdate %s ?", /from$/ ? '>=' : '<='; - push @bind_vars, $form->{$_}; + push @bind_vars, $value; } } @@ -880,7 +882,7 @@ sub all_parts { } # special case insertdate - if (grep { $form->{$_} } qw(insertdatefrom insertdateto)) { + if (grep { trim($form->{$_}) } qw(insertdatefrom insertdateto)) { $form->{"l_insertdate"} = 1; push @select_tokens, 'insertdate'; @@ -888,9 +890,10 @@ sub all_parts { my $token = $token_builder->('insertdate'); for (qw(insertdatefrom insertdateto)) { - next unless $form->{$_}; + my $value = trim($form->{$_}); + next unless $value; push @where_tokens, sprintf "$token %s ?", /from$/ ? '>=' : '<='; - push @bind_vars, $form->{$_}; + push @bind_vars, $value; } } @@ -914,7 +917,7 @@ sub all_parts { next unless $form->{$_}; $form->{"l_$_"} = '1'; # show the column push @where_tokens, "$table_prefix{$_}$_ ILIKE ?"; - push @bind_vars, "%$form->{$_}%"; + push @bind_vars, $::form->like($form->{$_}); } foreach (@simple_l_switches) { @@ -955,11 +958,11 @@ sub all_parts { # fortunately makemodel doesn't need to be displayed later, so adding a special clause to where_token is sufficient. if ($form->{make}) { push @where_tokens, 'mv.name ILIKE ?'; - push @bind_vars, "%$form->{make}%"; + push @bind_vars, $::form->like($form->{make}); } if ($form->{model}) { push @where_tokens, 'mm.model ILIKE ?'; - push @bind_vars, "%$form->{model}%"; + push @bind_vars, $::form->like($form->{model}); } # special case: sorting by partnumber @@ -1153,14 +1156,14 @@ sub _create_filter_for_priceupdate { next unless ($form->{$column}); $where .= qq| AND $item ILIKE ?|; - push(@where_values, '%' . $form->{$column} . '%'); + push(@where_values, $::form->like($form->{$column})); } foreach my $item (qw(description serialnumber)) { next unless ($form->{$item}); $where .= qq| AND (${item} ILIKE ?)|; - push(@where_values, '%' . $form->{$item} . '%'); + push(@where_values, $::form->like($form->{$item})); } @@ -1194,7 +1197,7 @@ sub _create_filter_for_priceupdate { foreach my $column (qw(make model)) { next unless ($form->{$column}); $where .= qq| AND p.id IN (SELECT DISTINCT parts_id FROM makemodel WHERE $column ILIKE ?|; - push(@where_values, '%' . $form->{$column} . '%'); + push(@where_values, $::form->like($form->{$column})); } $main::lxdebug->leave_sub(); @@ -1408,15 +1411,15 @@ sub get_parts { if ($sortorder eq "all") { $where .= qq| AND (partnumber ILIKE ?) AND (description ILIKE ?)|; - push(@values, '%' . $form->{partnumber} . '%', '%' . $form->{description} . '%'); + push(@values, $::form->like($form->{partnumber}), $::form->like($form->{description})); } elsif ($sortorder eq "partnumber") { $where .= qq| AND (partnumber ILIKE ?)|; - push(@values, '%' . $form->{partnumber} . '%'); + push(@values, $::form->like($form->{partnumber})); } elsif ($sortorder eq "description") { $where .= qq| AND (description ILIKE ?)|; - push(@values, '%' . $form->{description} . '%'); + push(@values, $::form->like($form->{description})); $order = "description"; } -- 2.20.1