From 3c01bf3d5caa4c762a74f1c9959a0691cb34b3e1 Mon Sep 17 00:00:00 2001 From: Akhil Narang Date: Wed, 5 Mar 2025 14:17:39 +0530 Subject: [PATCH 1/3] fix: check properly for blacklisted function usage Signed-off-by: Akhil Narang --- frappe/model/db_query.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/frappe/model/db_query.py b/frappe/model/db_query.py index b91d6a49b8..333e494ef1 100644 --- a/frappe/model/db_query.py +++ b/frappe/model/db_query.py @@ -1120,8 +1120,9 @@ class DatabaseQuery: tbl = tbl[4:-1] frappe.throw(_("Please select atleast 1 column from {0} to sort/group").format(tbl)) - if function in blacklisted_sql_functions: - frappe.throw(_("Cannot use {0} in order/group by").format(field)) + # Check if the function is used anywhere in the field + if any(func in function for func in blacklisted_sql_functions): + frappe.throw(_("Cannot use {0} in order/group by").format(function)) def add_limit(self): if self.limit_page_length: From b95d741ffe77496df9e202c507c7cac10e9b0e77 Mon Sep 17 00:00:00 2001 From: Ankush Menat Date: Thu, 6 Mar 2025 12:12:40 +0530 Subject: [PATCH 2/3] fix(DX): Limit cprofiler output to 200 lines (#31538) Most of the time, first 100 lines are all you need, so 200 should be more than enough. --- frappe/recorder.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/frappe/recorder.py b/frappe/recorder.py index facdcc416d..a5706c8466 100644 --- a/frappe/recorder.py +++ b/frappe/recorder.py @@ -259,7 +259,7 @@ class Recorder: def dump(self): if not self._recording: return - profiler_output = self.process_profiler() + profiler_output = self.process_profiler() or "" request_data = { "uuid": self.uuid, @@ -277,7 +277,7 @@ class Recorder: request_data["calls"] = self.calls request_data["headers"] = self.headers request_data["form_dict"] = self.form_dict - request_data["profile"] = profiler_output + request_data["profile"] = "".join(profiler_output.splitlines(keepends=True)[:200]) frappe.cache.hset(RECORDER_REQUEST_HASH, self.uuid, request_data) if self.config.record_sql: From b8ee712cc5c26e46201fd0764271eab33ddf9242 Mon Sep 17 00:00:00 2001 From: Suhail <63963181+BreadGenie@users.noreply.github.com> Date: Thu, 6 Mar 2025 12:29:22 +0530 Subject: [PATCH 3/3] feat: add login via fc button in login page (#31541) * refactor: show login with frappe cloud button in login page instead of throwing the user to site-login page, show them all the options * fix: use is_frappecloud method to check if site is on fc since `is_fc_site` checks if the user is a system manager and a guest user is not one * refactor: use a better fc logo also show login with fc button only for users coming from new signup flow (for now) * fix: logo alignment with text --- frappe/www/login.html | 17 +++++++++++++++++ frappe/www/login.py | 14 +++++++------- 2 files changed, 24 insertions(+), 7 deletions(-) diff --git a/frappe/www/login.html b/frappe/www/login.html index 2cf043dba0..97f9dfc778 100644 --- a/frappe/www/login.html +++ b/frappe/www/login.html @@ -99,6 +99,23 @@ {% endfor %} + + {% if login_with_frappe_cloud_url %} + + {% endif %} + {% if login_with_email_link %}