[QGIS-trac] Re: [Quantum GIS] #2407: Quick search behaviour in
attributes tables has changed
Quantum GIS
qgis at qgis.org
Sun Feb 21 11:24:39 EST 2010
#2407: Quick search behaviour in attributes tables has changed
-------------------------------------+--------------------------------------
Reporter: GuZzO | Owner: nobody
Type: bug | Status: new
Priority: minor: annoyance | Milestone: Version 1.5.0
Component: Vectors | Version: HEAD
Resolution: | Keywords: search, attribute table
Platform_version: Windows XP | Platform: Windows
Must_fix: No | Status_info: 0
-------------------------------------+--------------------------------------
Comment (by marisn):
Unfortunately "Quick search" is not an "find" anymore. Wildcards are not
accepted, unescaped SQL also gives errors.
I.e. try to find "ab'c" ->
{{{
syntax error, unexpected Unknown_CHARACTER, expecting $end
}}}
Also it allows to inject SQL. I.e. select all records:
{{{
text' or 1=1 or COLUMN like 'text
}}}
Tested on QGIS trunk r12951M with Shapefile (DBF).
--
Ticket URL: <https://trac.osgeo.org/qgis/ticket/2407#comment:3>
Quantum GIS <http://qgis.org>
Quantum GIS is an Open Source GIS viewer/editor supporting OGR, PostGIS, and GRASS formats
More information about the QGIS-trac
mailing list