e-commerce-addons

base_sale_multichannel: Fault select

Bug #1288719 reported by Daniel Stenlöv
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
e-commerce-addons
Invalid
Undecided
Daniel Stenlöv

Bug Description

            cr.execute("select * from ir_module_module where name=%s and state=%s" %
                                                            ('product_m2mcategories', 'installed'))

The statement above will produces the wrong SQL-statement and will break connection between openerp 6.1 <-> magento if product_m2mcategories is installed.

Related branches

lp:~registry/e-commerce-addons/fix1288719
Guewen Baconnier @ Camptocamp: Approve
Yannick Vaucher @ Camptocamp: Approve (code review)
Diff: 13 lines (+1/-2)
1 file modified
base_sale_multichannels/sale.py (+1/-2)
Revision history for this message
Sandy Carter (http://www.savoirfairelinux.com) (sandy-carter) wrote :

Could you provide in your description:
A) The expected output (SQL statement)
B) The actual output (SQL statement)

I cannot review your MP since it seems, at a glance, to provide the same statement.

Revision history for this message
Daniel Stenlöv (daniel-stenlov-xclude) wrote :

Original:
cr.execute('select * from ir_module_module where name=%s and state=%s', ('product_m2mcategories','installed'))

Will produce SQL statement:
select * from ir_module_module where name=product_m2mcategories and state=installed

Changed:
cr.execute("select * from ir_module_module where name='product_m2mcategories' and state='installed'")

Will produce SQL statement:
select * from ir_module_module where name='product_m2mcategories' and state='installed'

Comment:
The difference is that name='...' is a string in column name and name=product_m2mcategories is a column called product_m2mcategories compared to column name...

Revision history for this message
Daniel Stenlöv (daniel-stenlov-xclude) wrote :

Just a small note:

cr.execute("select * from ir_module_module where name='%s' and state='%s'", ('product_m2mcategories','installed'))

Will also produce the correct SQL statement. However since the other way was used mostly in the code I changed it to that.

Daniel Stenlöv (daniel-stenlov-xclude)
Changed in e-commerce-addons:
assignee: nobody → Daniel Stenlöv (XCLUDE) (daniel-stenlov-xclude)
Revision history for this message
Guewen Baconnier @ Camptocamp (gbaconnier-c2c) wrote :

Daniel,

In your original bug report, the query was:

            cr.execute("select * from ir_module_module where name=%s and state=%s" %
                                                            ('product_m2mcategories', 'installed'))

Indeed, this code is wrong and would produce

select * from ir_module_module where name=product_m2mcategories and state=installed

However, the current code is

cr.execute('select * from ir_module_module where name=%s and state=%s', ('product_m2mcategories','installed'))

Which is correct. Using params is useless as the values are static, but the query is still valid. See http://initd.org/psycopg/docs/usage.html

Thanks

Changed in e-commerce-addons:
status: New → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.