Gitiles
Code Review Sign In
git.clicks.codes / Clicks / Forks / ERPNext / 9fbb8192e19524cdea2f9b0204f4d641bc0b3a25^! / .
commit9fbb8192e19524cdea2f9b0204f4d641bc0b3a25[log] [tgz]
authorSaurabh <saurabh6790@gmail.com>Tue Apr 17 11:56:46 2018 +0530
committerNabin Hait <nabinhait@gmail.com>Tue Apr 17 11:56:46 2018 +0530
tree88a8ae8b117b932bdf133959a0497748096510ae
parentea1408f2e04c03f62167b96027417f1f51f69055 [diff]
[fix] do not escape % while using  clause (#13677)


diff --git a/erpnext/stock/report/stock_balance/stock_balance.py b/erpnext/stock/report/stock_balance/stock_balance.py
index 17491ed..45035f2 100644
--- a/erpnext/stock/report/stock_balance/stock_balance.py
+++ b/erpnext/stock/report/stock_balance/stock_balance.py

@@ -104,7 +104,7 @@
 	item_conditions_sql = ''
 	if items:
 		item_conditions_sql = ' and sle.item_code in ({})'\
-			.format(', '.join(['"' + frappe.db.escape(i) + '"' for i in items]))
+			.format(', '.join(['"' + frappe.db.escape(i, percent=False) + '"' for i in items]))
 
 	conditions = get_conditions(filters)
 
@@ -205,7 +205,7 @@
 		select name, item_name, description, item_group, brand, stock_uom
 		from `tabItem`
 		where name in ({0})
-		""".format(', '.join(['"' + frappe.db.escape(i) + '"' for i in items])), as_dict=1):
+		""".format(', '.join(['"' + frappe.db.escape(i, percent=False) + '"' for i in items])), as_dict=1):
 			item_details.setdefault(item.name, item)
 
 	if filters.get('show_variant_attributes', 0) == 1:
@@ -219,7 +219,7 @@
 		select parent, warehouse, warehouse_reorder_qty, warehouse_reorder_level
 		from `tabItem Reorder`
 		where parent in ({0})
-	""".format(', '.join(['"' + frappe.db.escape(i) + '"' for i in items])), as_dict=1)
+	""".format(', '.join(['"' + frappe.db.escape(i, percent=False) + '"' for i in items])), as_dict=1)
 
 	return dict((d.parent + d.warehouse, d) for d in item_reorder_details)
 

diff --git a/erpnext/stock/report/stock_ledger/stock_ledger.py b/erpnext/stock/report/stock_ledger/stock_ledger.py
index c9286a3..5e185e0 100644
--- a/erpnext/stock/report/stock_ledger/stock_ledger.py
+++ b/erpnext/stock/report/stock_ledger/stock_ledger.py

@@ -56,7 +56,7 @@
 	item_conditions_sql = ''
 	if items:
 		item_conditions_sql = 'and sle.item_code in ({})'\
-			.format(', '.join(['"' + frappe.db.escape(i) + '"' for i in items]))
+			.format(', '.join(['"' + frappe.db.escape(i,percent=False) + '"' for i in items]))
 
 	return frappe.db.sql("""select concat_ws(" ", posting_date, posting_time) as date,
 			item_code, warehouse, actual_qty, qty_after_transaction, incoming_rate, valuation_rate,
@@ -97,7 +97,7 @@
 		select name, item_name, description, item_group, brand, stock_uom
 		from `tabItem`
 		where name in ({0})
-		""".format(', '.join(['"' + frappe.db.escape(i) + '"' for i in items])), as_dict=1):
+		""".format(', '.join(['"' + frappe.db.escape(i,percent=False) + '"' for i in items])), as_dict=1):
 			item_details.setdefault(item.name, item)
 
 	return item_details