M_Kececi/bssapp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master'

Browse Source
This commit is contained in:
M_Kececi
2026-02-18 14:24:50 +03:00
parent dc36699a2b
commit 1f95099677
2 changed files with 53 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
svc/queries/statement_header.go
View File

@@ -18,11 +18,18 @@ func GetStatements(params models.StatementParams) ([]models.StatementHeader, err
// Parislemler []string → '1','2','3'
parislemFilter := "''"
if len(params.Parislemler) > 0 {
quoted := make([]string, len(params.Parislemler))
for i, v := range params.Parislemler {
quoted[i] = fmt.Sprintf("'%s'", v)
quoted := make([]string, 0, len(params.Parislemler))
for _, v := range params.Parislemler {
v = strings.TrimSpace(v)
if v == "" {
continue
}
// Escape tek tırnak to avoid malformed SQL when list is injected into IN (...).
quoted = append(quoted, fmt.Sprintf("'%s'", strings.ReplaceAll(v, "'", "''")))
}
if len(quoted) > 0 {
parislemFilter = strings.Join(quoted, ",")
}
parislemFilter = strings.Join(quoted, ",")
}
query := fmt.Sprintf(`
@@ -155,7 +162,7 @@ SELECT
o.Devir_Bakiyesi,
'%s'
CAST(NULL AS varchar(32)) AS Parislemler
FROM Opening o
@@ -169,7 +176,6 @@ ORDER BY
`,
parislemFilter,
parislemFilter,
parislemFilter,
)
rows, err := db.MssqlDB.Query(query,