Shiloh/brotherton-erpnext
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[fix] escape company filter (#9924)

Browse Source
This commit is contained in:
Saurabh 2017-07-18 16:09:34 +05:30 committed by Makarand Bauskar
parent 75b145fe2c
commit 7f95d587b2
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
erpnext/setup/doctype/company/company.py
View File

@ -339,7 +339,7 @@ def update_company_monthly_sales(company):
'''Cache past year monthly sales of every company based on sales invoices''' '''Cache past year monthly sales of every company based on sales invoices'''
from frappe.utils.goal import get_monthly_results from frappe.utils.goal import get_monthly_results
import json import json
filter_str = 'company = "'+ company +'" and status != "Draft"' filter_str = "company = '{0}' and status != 'Draft'".format(frappe.db.escape(company))
month_to_value_dict = get_monthly_results("Sales Invoice", "grand_total", "posting_date", filter_str, "sum") month_to_value_dict = get_monthly_results("Sales Invoice", "grand_total", "posting_date", filter_str, "sum")
frappe.db.sql((''' frappe.db.sql(('''