Commit 9c6009d8 authored by Yoshinori Okuji's avatar Yoshinori Okuji

Handle DateTime in the same way as sqlvar, because MySQL does not like the Zope format.


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@4562 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 35ae22df
...@@ -1258,6 +1258,17 @@ class Catalog(Folder, Persistent, Acquisition.Implicit, ExtensionClass.Base): ...@@ -1258,6 +1258,17 @@ class Catalog(Folder, Persistent, Acquisition.Implicit, ExtensionClass.Base):
ids.sort() ids.sort()
return ids return ids
def _quoteSQLString(self, value):
"""Return a quoted string of the value.
"""
if hasattr(value, 'ISO'):
value = value.ISO()
elif hasattr(value, 'strftime'):
value = value.strftime('%Y-%m-%d %H:%M:%S')
else:
value = sql_quote(str(value))
return value
def buildSQLQuery(self, query_table='catalog', REQUEST=None, **kw): def buildSQLQuery(self, query_table='catalog', REQUEST=None, **kw):
""" Builds a complex SQL query to simulate ZCalatog behaviour """ """ Builds a complex SQL query to simulate ZCalatog behaviour """
# Get search arguments: # Get search arguments:
...@@ -1456,9 +1467,9 @@ class Catalog(Folder, Persistent, Acquisition.Implicit, ExtensionClass.Base): ...@@ -1456,9 +1467,9 @@ class Catalog(Folder, Persistent, Acquisition.Implicit, ExtensionClass.Base):
# Add table to table dict # Add table to table dict
from_table_dict[acceptable_key_map[key][0]] = acceptable_key_map[key][0] # We use catalog by default from_table_dict[acceptable_key_map[key][0]] = acceptable_key_map[key][0] # We use catalog by default
# Default case: variable equality # Default case: variable equality
if type(value) is type(''): if type(value) is type('') or isinstance(value, DateTime):
# For security. # For security.
value = sql_quote(value) value = self._quoteSQLString(value)
if value != '': if value != '':
# we consider empty string as Non Significant # we consider empty string as Non Significant
if value == '=': if value == '=':
...@@ -1496,7 +1507,7 @@ class Catalog(Folder, Persistent, Acquisition.Implicit, ExtensionClass.Base): ...@@ -1496,7 +1507,7 @@ class Catalog(Folder, Persistent, Acquisition.Implicit, ExtensionClass.Base):
query_item += ["%s = %s" % (key, value_item)] query_item += ["%s = %s" % (key, value_item)]
else: else:
# For security. # For security.
value_item = sql_quote(str(value_item)) value_item = self._quoteSQLString(value_item)
if '%' in value_item: if '%' in value_item:
query_item += ["%s LIKE '%s'" % (key, value_item)] query_item += ["%s LIKE '%s'" % (key, value_item)]
elif key in keyword_search_keys: elif key in keyword_search_keys:
...@@ -1519,8 +1530,8 @@ class Catalog(Folder, Persistent, Acquisition.Implicit, ExtensionClass.Base): ...@@ -1519,8 +1530,8 @@ class Catalog(Folder, Persistent, Acquisition.Implicit, ExtensionClass.Base):
range_value = value.get('range') range_value = value.get('range')
if range_value : if range_value :
query_min = sql_quote(str(min(query_value))) query_min = self._quoteSQLString(min(query_value))
query_max = sql_quote(str(max(query_value))) query_max = self._quoteSQLString(max(query_value))
if range_value == 'min' : if range_value == 'min' :
query_item += ["%s >= '%s'" % (key, query_min) ] query_item += ["%s >= '%s'" % (key, query_min) ]
elif range_value == 'max' : elif range_value == 'max' :
...@@ -1533,11 +1544,11 @@ class Catalog(Folder, Persistent, Acquisition.Implicit, ExtensionClass.Base): ...@@ -1533,11 +1544,11 @@ class Catalog(Folder, Persistent, Acquisition.Implicit, ExtensionClass.Base):
query_item += ["%s <= '%s'" % (key, query_max) ] query_item += ["%s <= '%s'" % (key, query_max) ]
else : else :
for query_value_item in query_value : for query_value_item in query_value :
query_item += ['%s = %s' % (key, sql_quote(str(query_value_item)))] query_item += ['%s = %s' % (key, self._quoteSQLString(query_value_item))]
if len(query_item) > 0: if len(query_item) > 0:
where_expression += ['(%s)' % join(query_item, ' %s ' % operator_value)] where_expression += ['(%s)' % join(query_item, ' %s ' % operator_value)]
else: else:
where_expression += ["%s = %s" % (key, sql_quote(str(value)))] where_expression += ["%s = %s" % (key, self._quoteSQLString(value))]
elif key in topic_search_keys: elif key in topic_search_keys:
# ERP5 CPS compatibility # ERP5 CPS compatibility
topic_operator = 'or' topic_operator = 'or'
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment