Opened 20 years ago
Closed 18 years ago
#1707 closed defect (worksforme)
Custom Query screen does work with search values containing backslash ('\')
Reported by: | Owned by: | Jonas Borgström | |
---|---|---|---|
Priority: | low | Milestone: | |
Component: | report system | Version: | 0.10 |
Severity: | normal | Keywords: | |
Cc: | Branch: | ||
Release Notes: | |||
API Changes: | |||
Internal Changes: |
Description
This can be seen most easily from the Roadmap module:
- Add a ticket owned by 'domain\user', and assign it to a milestone.
- Go to the Roadmap page for that mileston and select 'Ticket Status by Owner'
- Click on the owner domain\user. The URL generated will be something like:
http://localhost:8080/cgi-bin/trac-0.9.cgi/query?owner=domain%5Cuser&milestone=blah
And no tickets are shown.
Tested on W2K Server & WXP SP2, Apache 2.0, CGI & mod_python, 0.8.4 & devel [1847].
Attachments (2)
Change History (8)
comment:1 by , 20 years ago
Summary: | Custom Query screen does not unescape escaped characters in URLs → Custom Query screen does work with search values containing backslash ('\') |
---|
comment:2 by , 20 years ago
Version: | 0.8.4 → devel |
---|
Problems seems to be that sql_escape in util.py is incorrectly escaping a single backslash to a double backslash. This escaping is not being used anywhere else in the system.
Patch for this attached against [1855] trunk, includes extra unit test cases.
by , 20 years ago
Attachment: | backslash_in_custom_queries_r1855.diff added |
---|
Patch against trunk [1855]
comment:3 by , 20 years ago
As this is also a problem on 0.8.4, I'm attaching a patch against that - same change, but without the unit tests.
by , 20 years ago
Attachment: | backslash_in_custom_queries_0.8-stable_r1855.diff added |
---|
Patch against 0.8.4
comment:4 by , 19 years ago
Resolution: | → worksforme |
---|---|
Status: | new → closed |
This seems to have been sorted out at some point.
comment:5 by , 18 years ago
Component: | ticket system → report system |
---|---|
Priority: | normal → low |
Resolution: | worksforme |
Status: | closed → reopened |
Version: | devel → 0.10 |
This seems to have reemerged in 0.10.
- On a system that has \ as a character in a username. e.g. DOMAIN\user on a windows box. Running firefox 1.5.0.7, python 2.3 apache 2.054 mod_python, mod_sspi
- restrict_owner = true (may not be neccessary)
- Go to Roadmap, create a milestone and assign some tickets to that milestone
- Click on active tickets to bring up query
- Add filter on owner
- Try to select owner - Names are scrambled because of \ being processed
- Select an owner anyway and click Update
- Note query string in URL has scrambled user name and query returns no results
- Select owner again, this time names are OK and the query works.
comment:6 by , 18 years ago
Resolution: | → worksforme |
---|---|
Status: | reopened → closed |
This works for me both using 0.10.4dev and 0.11.
Might be an issue with mod_sspi …
Upon closer examination, it would appear that I was jumping to conclusions when I submitted this ticket, and the problem is actually with the creation of the SQL query string, rather than a failure to get the request parameters correctly. The log for the above mentioned URL is as follows:
the where clause:
should be: