dolibarr icon indicating copy to clipboard operation
dolibarr copied to clipboard
verified publisher icon Dolibarr

Can't filter by third party name if they contains ()

Open Elikill58 opened this issue 1 year ago • 7 comments

Bug

By calling API with URL like that:

$sqlFilter = urlencode("t.nom:=:'myThirdarty (MT)'");
callApi("api/index.php/thirdparties?sqlfilters=$sqlFilter");

You will get error Bad Request: Error when validating parameter sqlfilters -> Bad syntax of the search string.

Environment Version

18.0.5

Environment OS

Debian 12

Environment Web server

Apache 2

Environment PHP

8.1

Environment Database

mysql

Environment URL(s)

No response

Expected and actual behavior

I were using version 15.0.3. I'm actualling migrating. I want to get a third party by the login/name.

Steps to reproduce the behavior

  1. Create user with parenthesis in his name like My name (MM)
  2. Call API with URL like that: api/index.php/thirdparties?sortfield=t.rowid&sortorder=ASC&limit=100&sqlfilters=t.nom%3A%3D%3A'MyName%20(MN)'

Attached files

Example of full query using swagger (I removed unused line) : image

Elikill58 avatar Feb 15 '24 15:02 Elikill58

Interesting issue. Have you tried using the CHAR(40) solution mentioned on this page?

https://salesforce.stackexchange.com/questions/383197/escaping-parenthesis-in-sql-query-like-clause

JonBendtsen avatar Feb 15 '24 22:02 JonBendtsen

I just tried it and it the same result: image

Elikill58 avatar Feb 16 '24 07:02 Elikill58

This will work but return some unwanted result (_ is any character in MySQL)

$sqlFilter = urlencode("t.nom:=:'myThirdarty _MT_'");

d3v2a avatar Feb 16 '24 17:02 d3v2a

and with just : (t.nom:=:'myThirdarty \(MT\)')

hregis avatar Feb 16 '24 17:02 hregis

This will work but return some unwanted result (_ is any character in MySQL)

$sqlFilter = urlencode("t.nom:=:'myThirdarty _MT_'");

We should use LIKE with this method (instead of =) ?

Elikill58 avatar Feb 16 '24 19:02 Elikill58

and with just : (t.nom:=:'myThirdarty \(MT\)')

No, it doesn't work. I tried lot of example as showed in the link of StackExchange from Jon and it's blcoked too

Elikill58 avatar Feb 16 '24 19:02 Elikill58

We should use LIKE with this method (instead of =) ?

It works with = and is more close to the expected result (_ is only one of any character, % is one or many characters)

d3v2a avatar Feb 16 '24 19:02 d3v2a

We should use LIKE with this method (instead of =) ?

It works with = and is more close to the expected result (_ is only one of any character, % is one or many characters)

I just tried and for me it doesn't works with =.

  • With t.nom:=:'myThirdarty _MT_' -> no result found. So it's better, I no longer have error.
  • With t.nom:LIKE:'myThirdarty _MT_' -> Result found
  • I try by adding myThirdarty MT and myThirdarty aMTa to see the result, and try t.nom:LIKE:'myThirdarty _MT_' and I got 2 result : The right one (with (MT)) and with a (aMTa)

Elikill58 avatar Feb 19 '24 15:02 Elikill58