Adding advanced search for inventory for hlr api #373
Conversation
| query += " WHERE "; | ||
| var i = 0; | ||
| for (var item in params){ | ||
| query += item + " ILIKE '%" + params[item] + "%'"; |
There was a problem hiding this comment.
There's a SQL query injection possible here; can you change this to use prepared statements?
There was a problem hiding this comment.
Gar. Thanks for pointing that out. Yeah I will take care of that.
|
I am not going to lie, I am pretty sure I am out of ideas for this, I can't get anything to work reliably for the amount of variation we have from the search feature. Does anybody have any suggestions? |
|
You could fake it by writing just a small database query to yank down certain items and then filter in the application code. I.e., What are the search features you're wanting to implement? |
|
...that would probably be pretty easy actually. I might have a few questions later on but I might be able to get that working how we want it |
Allows to search several fields for use in the API.