Security Module Security_grid_sec_users_groups

salvatore · August 9, 2021, 10:58am

With the supplied or generated grid
“Security_grid_sec_users_groups” an error appears when looking for a name in QuickSearch.

The reason for this is the following entry in the “onScriptInit” event

sc_select_where(add) = “WHERE login IN ( SELECT Security_users_groups.login FROM Security_users_groups WHERE Security_users_groups.group_id = “.sc_sql_injection({group}).” )”;

whitout this entry, everithing runs fine!

Netmake, one question, do you test your work before you publish it, or do we do it for you?

brad.cope · August 11, 2021, 1:53am

This is not just isolated to the Security_grid_sec_users_groups app, QuickSearch generates errors for any app that has a where filter applied in the SQL Select.

QuickSearch is adding a second WHERE Clause, not appending existing WHERE Clause

salvatore · August 11, 2021, 2:36pm

hmmmm…

The developers know that?

brad.cope · August 11, 2021, 10:30pm

I have logged a high ticket with similar issues while also referencing this forum thread.