From 134ea4d837b0c530aa77dca3cc2c761d86518a62 Mon Sep 17 00:00:00 2001 From: Joseph Makara Date: Mon, 12 Apr 2021 19:59:40 +0300 Subject: [PATCH] Use prepared statements instead of string concatenated SQL everywhere (FINERACT-854) --- .../service/ProvisioningEntriesReadPlatformServiceImpl.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fineract-provider/src/main/java/org/apache/fineract/accounting/provisioning/service/ProvisioningEntriesReadPlatformServiceImpl.java b/fineract-provider/src/main/java/org/apache/fineract/accounting/provisioning/service/ProvisioningEntriesReadPlatformServiceImpl.java index 5396bfc9b5e..bb8994d3fb9 100644 --- a/fineract-provider/src/main/java/org/apache/fineract/accounting/provisioning/service/ProvisioningEntriesReadPlatformServiceImpl.java +++ b/fineract-provider/src/main/java/org/apache/fineract/accounting/provisioning/service/ProvisioningEntriesReadPlatformServiceImpl.java @@ -75,8 +75,8 @@ private LoanProductProvisioningEntryMapper() { .append(" LEFT JOIN m_loan loan on sch.loan_id = loan.id") .append(" JOIN m_loanproduct_provisioning_mapping lpm on lpm.product_id = loan.product_id") .append(" JOIN m_provisioning_criteria_definition pcd on pcd.criteria_id = lpm.criteria_id and ") - .append("(pcd.min_age <= GREATEST(datediff(?").append(",sch.duedate),0) and ").append("GREATEST(datediff(?") - .append(",sch.duedate),0) <= pcd.max_age) and ").append("pcd.criteria_id is not null ") + .append("(pcd.min_age <= GREATEST(datediff(?,sch.duedate),0) and GREATEST(datediff(?") + .append(",sch.duedate),0) <= pcd.max_age) and pcd.criteria_id is not null ") .append("LEFT JOIN m_client mclient ON mclient.id = loan.client_id ") .append("LEFT JOIN m_group mgroup ON mgroup.id = loan.group_id ") .append("where loan.loan_status_id=300 and sch.duedate = ")