Ticket #1964 (closed defect: fixed)

Opened 7 years ago

Last modified 6 years ago

queryByAttributes method fails when using simple quotes on postGIS data

Reported by: pierre.giraud@… Owned by: mapserver-bugs@…
Priority: high Milestone:
Component: PostGIS Interface Version: 4.10
Severity: normal Keywords:
Cc: sylvain.pasche@…, yjacolin@…

Description 

When using simple quotes in qstring parameter, the SQL query in postGIS is
truncated.

Something like the following in mapscript :
$map->getLayer(0)->queryByAttributes('id', "id in '126'", MS_MULTIPLE);

generates the following statement in postGIS :
DECLARE mycursor [...] SELECT [...] WHERE (id in ) and (the_geom [...]

Note : If needed, a test case (data + mapscript code) can be provided.

Change History

Changed 7 years ago by sylvain.pasche@…

  • cc sylvain.pasche@… added

Changed 7 years ago by yjacolin@…

  • cc yjacolin@… added

Changed 6 years ago by sdlime

  • status changed from new to closed
  • resolution set to fixed 
I believe this has already been fixed, but isn't in a public release yet. You 
can work from CVS to be sure. Marking as fixed until I hear otherwise.

Steve
Note: See TracTickets for help on using tickets.