commit | 2a3aaecf6a63e390deb93154265713c3f0c8348e | [log] [tgz] |
---|---|---|
author | conradsp <sconrad1@gmail.com> | Mon Jun 11 14:04:00 2018 -0500 |
committer | conradsp <sconrad1@gmail.com> | Mon Jun 11 14:04:00 2018 -0500 |
tree | 030709e06a8b8f8e6081432df1cc61cef0283dbc | |
parent | d2b341159c2b8bc27a16212ebe326dd7bdc4566f [diff] | |
parent | a847b81792e94137455710e1d21e09cea60bee5c [diff] |
Merge branch 'FINERACT-613' into develop
diff --git a/fineract-provider/src/main/java/org/apache/fineract/infrastructure/dataqueries/service/ReadWriteNonCoreDataServiceImpl.java b/fineract-provider/src/main/java/org/apache/fineract/infrastructure/dataqueries/service/ReadWriteNonCoreDataServiceImpl.java index 31fdfca..29ec818 100644 --- a/fineract-provider/src/main/java/org/apache/fineract/infrastructure/dataqueries/service/ReadWriteNonCoreDataServiceImpl.java +++ b/fineract-provider/src/main/java/org/apache/fineract/infrastructure/dataqueries/service/ReadWriteNonCoreDataServiceImpl.java
@@ -1187,8 +1187,8 @@ sql = sql + "select * from `" + dataTableName + "` where id = " + id; } - this.columnValidator.validateSqlInjection(sql, order); - if (order != null) { + if (StringUtils.isNotBlank(order)) { + this.columnValidator.validateSqlInjection(sql, order); sql = sql + " order by " + order; }