Merge branch 'FINERACT-613' into develop

commit: 2a3aaecf6a63e390deb93154265713c3f0c8348e [log] [tgz]
author: conradsp <sconrad1@gmail.com> Mon Jun 11 14:04:00 2018 -0500
committer: conradsp <sconrad1@gmail.com> Mon Jun 11 14:04:00 2018 -0500
tree: 030709e06a8b8f8e6081432df1cc61cef0283dbc
parent: d2b341159c2b8bc27a16212ebe326dd7bdc4566f [diff]
parent: a847b81792e94137455710e1d21e09cea60bee5c [diff]
diff --git a/fineract-provider/src/main/java/org/apache/fineract/infrastructure/dataqueries/service/ReadWriteNonCoreDataServiceImpl.java b/fineract-provider/src/main/java/org/apache/fineract/infrastructure/dataqueries/service/ReadWriteNonCoreDataServiceImpl.java
index 31fdfca..29ec818 100644
--- a/fineract-provider/src/main/java/org/apache/fineract/infrastructure/dataqueries/service/ReadWriteNonCoreDataServiceImpl.java
+++ b/fineract-provider/src/main/java/org/apache/fineract/infrastructure/dataqueries/service/ReadWriteNonCoreDataServiceImpl.java

@@ -1187,8 +1187,8 @@
             sql = sql + "select * from `" + dataTableName + "` where id = " + id;
         }
 
-        this.columnValidator.validateSqlInjection(sql, order);
-        if (order != null) {
+        if (StringUtils.isNotBlank(order)) {
+            this.columnValidator.validateSqlInjection(sql, order);
             sql = sql + " order by " + order;
         }
commit	2a3aaecf6a63e390deb93154265713c3f0c8348e	[log] [tgz]
author	conradsp <sconrad1@gmail.com>	Mon Jun 11 14:04:00 2018 -0500
committer	conradsp <sconrad1@gmail.com>	Mon Jun 11 14:04:00 2018 -0500
tree	030709e06a8b8f8e6081432df1cc61cef0283dbc
parent	d2b341159c2b8bc27a16212ebe326dd7bdc4566f [diff]
parent	a847b81792e94137455710e1d21e09cea60bee5c [diff]