SQL Error using User field filter

SQL Error using User field filter

by Paul Watkins -
Number of replies: 1

We have a report that lists the number of users on a course and how many have completed the course.

This can be filtered by a custom user profile field, that shows the name of the location they work at.

%%FILTER_USERS:ad.data%%

The issue is with some of the values in this list, as the include '. Such as: St Mary's Catholic Primary School

The value in the select menu is Base64 encoded, but when decoded to add the value to the filter the ' isn't delimited. Causing a dmlreadexception error.

IE: AND ad.data LIKE '%St Mary's Catholic Primary School%' 

How can we fix this? Or change the SQL code to get the posted value directly?

Any help would be greatly appreciated.

Thanks

Average of ratings: -
In reply to Paul Watkins

Re: SQL Error using User field filter

by David Saylor -
There is a function called addslashes() in php that you could wrap the parameter value in just after being decoded. That should fix the issue for you. Haven't tested to verify, but a quick look at the code I would make the change here:

blocks/configurable_reports/components/filters/fuserfield/plugin.class.php line 50

$filter = addslashes(clean_param(base64_decode($filterfuserfield), PARAM_CLEAN));
Average of ratings: -