FINERACT-1910: Added pagination & sorting support in datatables/query#3076
FINERACT-1910: Added pagination & sorting support in datatables/query#3076shyam1s15 wants to merge 1 commit into
Conversation
shyam1s15
changed the title
|
@shyam1s15 please squash your commits into one; the PR will not be accepted with multiple commits. Thanks |
There was a problem hiding this comment.
String concatenation is inherently insecure (read: very easy to inject other SQL statements). Please provide a more secure way to assemble the query.
There was a problem hiding this comment.
thanks for review working on it.
There was a problem hiding this comment.
well, I am already sanitizing the inputs, it might save?
tried to implement other more secured ways but getting stucked in passing paramList as calling other method eg: callFilteredPgSql
There was a problem hiding this comment.
You should not concatenate the SQL, at all.
Use a parameterized query instead with placeholders, that'll be safe from SQL injection.
shyam1s15
force-pushed
the
JIRA-1910-solution
branch
from
9b71c8d to
3c19893
Compare
There was a problem hiding this comment.
You should not concatenate the SQL, at all.
Use a parameterized query instead with placeholders, that'll be safe from SQL injection.
shyam1s15
force-pushed
the
JIRA-1910-solution
branch
from
a4e47e2 to
9ecd73f
Compare
|
@shyam1s15 Please check your commit, because it is not compiling... |
|
This pull request seems to be stale. Are you still planning to work on it? We will automatically close it in 30 days. |
4 participants
Description
Describe the changes made and why they were made.
requires some review by maintainers, please tell if there is room for improvements, thanks
Ignore if these details are present on the associated Apache Fineract JIRA ticket(#1284).
Checklist
Please make sure these boxes are checked before submitting your pull request - thanks!
Write the commit message as per https://github.com/apache/fineract/#pull-requests
Acknowledge that we will not review PRs that are not passing the build ("green") - it is your responsibility to get a proposed PR to pass the build, not primarily the project's maintainers.
Create/update unit or integration tests for verifying the changes made.
Follow coding conventions at https://cwiki.apache.org/confluence/display/FINERACT/Coding+Conventions.
Add required Swagger annotation and update API documentation at fineract-provider/src/main/resources/static/legacy-docs/apiLive.htm with details of any API changes
Submission is not a "code dump". (Large changes can be made "in repository" via a branch. Ask on the developer mailing list for guidance, if required.)
FYI our guidelines for code reviews are at https://cwiki.apache.org/confluence/display/FINERACT/Code+Review+Guide.