Commit graph

14 commits

Author SHA1 Message Date
Saurabh
a1e68b6fd5 [fix] potential sql injection by sanitizing fields parameter 2018-10-31 14:26:22 +05:30
Saurabh
b40d6f9a71 test case fixes for db query engine 2018-07-11 13:45:36 +05:30
Saurabh
9aeb79b874 [fix][test-case] filter sanitizer 2018-07-05 17:33:30 +05:30
Saurabh
e2b1ebe84c [Security][fix] To avoid possible sql injection via filters and or_filters parameters and tighten the field level checks (#5721)
* [fix] sanitize filters and or_filters to avoid sql injection

* add test cases for filter sanitizer

* codacy fix

* added test cases to test valid scenarios
2018-06-27 09:15:42 +05:30
Saurabh
40d818af90 [hotfix] sanitize fields to avoid mysql injection (#4994)
* [fix] sanitize fields to avoid mysql injection

* sanitize sql statements to avoid subqueries

* Added test cases

* Raise exception if mysql injection found in fields and related test-cases

* [fix] raise exception if blacklisted functions or keywords found in fields
2018-02-13 14:45:51 +05:30
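The checks that the three sanitizer commits above (a1e68b6fd5, e2b1ebe84c and 40d818af90) describe, written out as an added example. This is not frappe's own db_query code: the function names, the allowed aggregate and blacklisted keyword lists, the `(column, operator, value)` filter format and the rule that `filters` are ANDed and `or_filters` ORed are all assumptions made for the illustration. It shows a `fields` entry being accepted only as a bare column or an allowed aggregate (so a subquery or a stacked statement raises), and `filters` / `or_filters`, including the `in`, `not in` and `between` operators mentioned in the later commits, compiled to a parameterized WHERE clause so values never reach the SQL text. The table and rows are constructed sample data.

```python
import re
import sqlite3

# Illustrative sanitizer, not frappe's db_query code. Allow/deny lists,
# names and the filter format are assumptions for this example.
ALLOWED_FUNCTIONS = {"count", "sum", "avg", "min", "max"}
BLACKLISTED_KEYWORDS = {
    "select", "union", "insert", "update", "delete", "drop", "alter",
    "sleep", "benchmark", "load_file", "outfile", "information_schema",
}
ALLOWED_OPERATORS = {"=", "!=", "<", ">", "<=", ">=", "like", "in", "not in", "between"}

_IDENT = r"[A-Za-z_][A-Za-z0-9_]*"
_COLUMN = rf"(?:{_IDENT}\.)?{_IDENT}"  # column or table.column
_BARE_FIELD = re.compile(rf"^{_COLUMN}(?:\s+as\s+{_IDENT})?$", re.IGNORECASE)
_FUNC_FIELD = re.compile(rf"^({_IDENT})\(\s*(?:\*|{_COLUMN})\s*\)(?:\s+as\s+{_IDENT})?$", re.IGNORECASE)
_COLUMN_ONLY = re.compile(rf"^{_COLUMN}$")
_FORBIDDEN = re.compile(r"[;'\"`#]|--|/\*")  # statement separators, quotes, comment markers


class UnsafeQueryError(ValueError):
    """Raised instead of letting a suspicious field or filter reach SQL."""


def sanitize_field(field: str) -> str:
    """Return `field` if it is a bare column or an allowed aggregate call; else raise."""
    field = field.strip()
    if _FORBIDDEN.search(field):
        raise UnsafeQueryError(f"forbidden characters in field {field!r}")
    if set(re.findall(r"[A-Za-z_]+", field.lower())) & BLACKLISTED_KEYWORDS:
        raise UnsafeQueryError(f"blacklisted keyword in field {field!r}")
    if _BARE_FIELD.match(field):
        return field
    m = _FUNC_FIELD.match(field)
    if m and m.group(1).lower() in ALLOWED_FUNCTIONS:
        return field
    # Any other parenthesised expression, including a subquery, ends here.
    raise UnsafeQueryError(f"unsupported field expression {field!r}")


def build_where(filters=(), or_filters=()):
    """Compile (column, operator, value) triples into a WHERE clause plus bound params.

    `filters` are ANDed, `or_filters` are ORed, and the two groups are ANDed
    (assumed convention). Values are only ever bound, never interpolated.
    """
    params = []

    def compile_group(group, joiner):
        parts = []
        for column, operator, value in group:
            if not _COLUMN_ONLY.match(column):
                raise UnsafeQueryError(f"invalid filter column {column!r}")
            op = operator.strip().lower()
            if op not in ALLOWED_OPERATORS:
                raise UnsafeQueryError(f"unsupported operator {operator!r}")
            if op == "between":
                try:
                    low, high = value
                except (TypeError, ValueError):
                    raise UnsafeQueryError("between needs exactly two values") from None
                parts.append(f"{column} BETWEEN ? AND ?")
                params.extend([low, high])
            elif op in ("in", "not in"):
                if isinstance(value, (str, bytes)):
                    raise UnsafeQueryError(f"{op} needs a list, not a string")
                values = list(value)
                if not values:
                    raise UnsafeQueryError(f"{op} needs a non-empty list")
                parts.append(f"{column} {op.upper()} ({', '.join('?' * len(values))})")
                params.extend(values)
            else:
                parts.append(f"{column} {op.upper()} ?")
                params.append(value)
        return f" {joiner} ".join(parts)

    groups = []
    if filters:
        groups.append("(" + compile_group(filters, "AND") + ")")
    if or_filters:
        groups.append("(" + compile_group(or_filters, "OR") + ")")
    return " AND ".join(groups), params


def build_select(table, fields, filters=(), or_filters=()):
    """Assemble a SELECT whose only interpolated pieces are sanitized identifiers."""
    if not _COLUMN_ONLY.match(table):
        raise UnsafeQueryError(f"invalid table name {table!r}")
    sql = f"SELECT {', '.join(sanitize_field(f) for f in fields)} FROM {table}"
    where, params = build_where(filters, or_filters)
    return (sql + " WHERE " + where if where else sql), params


def is_safe(fn, *args):
    """True when the sanitizer accepts `fn(*args)`, False when it refuses it."""
    try:
        fn(*args)
        return True
    except UnsafeQueryError:
        return False


def run_example():
    """Exercise the sanitizer against a constructed in-memory table (sample data)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        "CREATE TABLE tabUser (name TEXT, email TEXT, age INTEGER, password TEXT);"
        "INSERT INTO tabUser VALUES ('alice', 'alice@example.com', 31, 's3cret');"
        "INSERT INTO tabUser VALUES ('bob', 'bob@example.com', 45, 'hunter2');"
    )
    sql, params = build_select(
        "tabUser", ["name", "email"],
        filters=[("age", "between", (30, 40))],
        or_filters=[("name", "in", ["bob", "carol"]), ("email", "like", "%example.com")],
    )
    rows = conn.execute(sql, params).fetchall()
    # A classic payload placed in a *value* is bound as data and matches nothing.
    sql2, params2 = build_select("tabUser", ["name"], filters=[("name", "=", "' OR 1=1 --")])
    injection_rows = conn.execute(sql2, params2).fetchall()
    return {"sql": sql, "rows": rows, "injection_rows": injection_rows}


if __name__ == "__main__":
    print(run_example())
```

The blacklist is a second line of defence only; the real guarantee comes from the grammar (`_BARE_FIELD` / `_FUNC_FIELD`) rejecting anything that is not a column reference or an allowed aggregate. Column-level permission checks (whether the caller may read `password` at all) are a separate concern and are not modelled here.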
Manas Solanki
7031473915 fixed between filters (#4497) 2017-11-15 13:57:53 +05:30
Makarand Bauskar
fc715efdbb [hotfix] fixes for AttributeError: 'NoneType' object has no attribute 'split' (#3840)
* [hotfix] fixes for AttributeError: 'NoneType' object has no attribute 'split'

* [tests] added test cases for not in and in filters
2017-08-02 12:47:10 +05:30
Rushabh Mehta
262f361021 [minor] ignore permissions option for filters in db_query (#3234) 2017-05-06 12:43:47 +05:30
Makarand Bauskar
8eeda18692 [fixes] minor fix for between operator filter (#3196)
* [fixes] minor fix for between operator filter

* [minor] added a test case for between operator filter
2017-05-01 14:14:04 +05:30
Anand Doshi
2995f02f3b Web Notes to Frappe, better alerts, css fixes, fixed splash 2015-03-03 15:09:34 +05:30
Anand Doshi
f3b37df2dd [fix] Added unicode_literals if missing in py files 2015-02-24 12:24:20 +05:30
Rushabh Mehta
2405ed2e81 added or_filters to db_query. link search will not search 'search_fields' by default 2014-05-07 14:09:40 +05:30
Anand Doshi
291cd2777f Added notification clearing hook, fixed db query test cases 2014-03-05 15:23:22 +05:30
Rushabh Mehta
3964db5d95 refactored reportview.py and added frappe/model/db_query.py 2014-03-03 17:53:25 +05:30