renaldi.brada1904/api-antrian-operasi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

allowing some character to build query

Browse Source
This commit is contained in:
renaldybrada
2026-02-12 08:31:35 +07:00
parent c67fc44270
commit 15dc57c2c2
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/utils/query/builder.go
+1 -1
View File
@@ -1495,7 +1495,7 @@ func (qb *QueryBuilder) isValidExpression(expr string) bool {
// This is a simplified check. A more robust solution might use a proper SQL parser library.
// For now, we allow alphanumeric, underscore, dots, parentheses, and common operators.
// For SQL Server, allow brackets [] and spaces for column names.
allowedChars := "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_.,() *-/[]"
allowedChars := "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_.,() *-/[]'\"="
for _, r := range expr {
if !strings.ContainsRune(allowedChars, r) {
return false