Edgewall Software
Modify

Opened 20 years ago

Closed 18 years ago

#1707 closed defect (worksforme)

Custom Query screen does work with search values containing backslash ('\')

Reported by: Ian Leader <__ian.leader__@…> Owned by: Jonas Borgström
Priority: low Milestone:
Component: report system Version: 0.10
Severity: normal Keywords:
Cc: Branch:
Release Notes:
API Changes:
Internal Changes:

Description

This can be seen most easily from the Roadmap module:

  • Add a ticket owned by 'domain\user', and assign it to a milestone.
  • Go to the Roadmap page for that mileston and select 'Ticket Status by Owner'
  • Click on the owner domain\user. The URL generated will be something like:
http://localhost:8080/cgi-bin/trac-0.9.cgi/query?owner=domain%5Cuser&milestone=blah

And no tickets are shown.

Tested on W2K Server & WXP SP2, Apache 2.0, CGI & mod_python, 0.8.4 & devel [1847].

Attachments (2)

backslash_in_custom_queries_r1855.diff (4.4 KB ) - added by Ian Leader <__ian.leader__@…> 20 years ago.
Patch against trunk [1855]
backslash_in_custom_queries_0.8-stable_r1855.diff (397 bytes ) - added by Ian Leader <__ian.leader__@…> 20 years ago.
Patch against 0.8.4

Download all attachments as: .zip

Change History (8)

comment:1 by Ian Leader <__ian.leader__@…>, 20 years ago

Summary: Custom Query screen does not unescape escaped characters in URLsCustom Query screen does work with search values containing backslash ('\')

Upon closer examination, it would appear that I was jumping to conclusions when I submitted this ticket, and the problem is actually with the creation of the SQL query string, rather than a failure to get the request parameters correctly. The log for the above mentioned URL is as follows:

08:26:21 Trac[query] DEBUG: Query SQL: SELECT t.id AS id,t.summary AS summary,t.
type AS type,t.status AS status,t.priority AS priority,t.component AS component,
t.version AS version,t.time AS time,t.changetime AS changetime,t.owner AS owner,
t.milestone AS milestone,priority.value AS priority_value
FROM ticket AS t
  LEFT OUTER JOIN enum AS priority ON (priority.type='priority' AND priority.nam
e=priority)
WHERE COALESCE(t.owner,'')='domain\\user' AND COALESCE(t.milestone,'')='blah'
ORDER BY COALESCE(t.priority,'')='',priority.value,t.id
08:26:21 Trac[session] DEBUG: Changing variable query_href from "/cgi-bin/trac-0
.9.cgi/query?group=&milestone=blah&owner=domain%5Cuser&order=priority" to "/cgi-
bin/trac-0.9.cgi/query?milestone=blah&owner=domain%5Cuser&order=priority" in ses
sion hq\ianl
08:26:21 Trac[session] DEBUG: Purging old, expired, sessions.

the where clause:

COALESCE(t.owner,'')='domain\\user' 

should be:

COALESCE(t.owner,'')='domain\user'

comment:2 by Ian Leader <__ian.leader__@…>, 20 years ago

Version: 0.8.4devel

Problems seems to be that sql_escape in util.py is incorrectly escaping a single backslash to a double backslash. This escaping is not being used anywhere else in the system.

Patch for this attached against [1855] trunk, includes extra unit test cases.

by Ian Leader <__ian.leader__@…>, 20 years ago

Patch against trunk [1855]

comment:3 by Ian Leader <__ian.leader__@…>, 20 years ago

As this is also a problem on 0.8.4, I'm attaching a patch against that - same change, but without the unit tests.

by Ian Leader <__ian.leader__@…>, 20 years ago

Patch against 0.8.4

comment:4 by Matthew Good, 19 years ago

Resolution: worksforme
Status: newclosed

This seems to have been sorted out at some point.

comment:5 by anonymous, 18 years ago

Component: ticket systemreport system
Priority: normallow
Resolution: worksforme
Status: closedreopened
Version: devel0.10

This seems to have reemerged in 0.10.

  • On a system that has \ as a character in a username. e.g. DOMAIN\user on a windows box. Running firefox 1.5.0.7, python 2.3 apache 2.054 mod_python, mod_sspi
  • restrict_owner = true (may not be neccessary)
  • Go to Roadmap, create a milestone and assign some tickets to that milestone
  • Click on active tickets to bring up query
  • Add filter on owner
  • Try to select owner - Names are scrambled because of \ being processed
  • Select an owner anyway and click Update
  • Note query string in URL has scrambled user name and query returns no results
  • Select owner again, this time names are OK and the query works.

comment:6 by Christian Boos, 18 years ago

Resolution: worksforme
Status: reopenedclosed

This works for me both using 0.10.4dev and 0.11.

Might be an issue with mod_sspi …

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Jonas Borgström.
The resolution will be deleted. Next status will be 'reopened'.
to The owner will be changed from Jonas Borgström to the specified user.

Add Comment


E-mail address and name can be saved in the Preferences .
 
Note: See TracTickets for help on using tickets.