Author Topic: Exception invalid column name (Read 1586 times)

mewbie · « **on:** February 06, 2018, 08:53:16 am »

Hello,

When I try to filter a column, I got Exception invalid column name from this code :

            
            $dataIndx = $filter->dataIndx;            
            if (ColumnHelper::isValidColumn($dataIndx) == false)
            {
                throw new Exception("Invalid column name");
            }
            $text = $filter->value;
            $condition = $filter->condition;

my column name for dataIndx is using underscore (log_category), could this be the reason?
Error is shown only when filtering. Do you have any workaround? I'm already implementing the name throughout the code.

Thank you.

paramvir · « **Reply #1 on:** February 06, 2018, 11:12:22 am »

Yes it's due to underscore in column name and it can be included by updating isValidColumn method which is most restrictive for security.

Code: [Select]

public static function isValidColumn($dataIndx)
    {            
        if (preg_match('/^[a-z,A-Z]*$/', $dataIndx)) //add underscore or any other character you want included in the regular expression.
        {
            return true;
        }
        else
        {
            return false;
        }
    }.

Author Topic: Exception invalid column name (Read 1586 times)

mewbie

Exception invalid column name

paramvir

Re: Exception invalid column name