From 61368136feca77fab55fd9558329ff5249efca2d Mon Sep 17 00:00:00 2001
From: Robert Loipfinger <r.loipfinger@adito.de>
Date: Fri, 12 Oct 2018 13:12:11 +0200
Subject: [PATCH] =?UTF-8?q?Kommunikationsdaten=20f=C3=BCr=20Personen=20rep?=
 =?UTF-8?q?ariert?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 entity/Comm_entity/conditionProcess.js | 67 ++++++++++++++++----------
 1 file changed, 41 insertions(+), 26 deletions(-)

diff --git a/entity/Comm_entity/conditionProcess.js b/entity/Comm_entity/conditionProcess.js
index 6693257607e..7ab504b7b04 100644
--- a/entity/Comm_entity/conditionProcess.js
+++ b/entity/Comm_entity/conditionProcess.js
@@ -1,27 +1,42 @@
-import("system.text");
-import("system.result");
-import("system.vars");
-import("Sql_lib");
-import("Keyword_lib");
-
-var cond, relId, mediumCategories, keywordUtil;
-
-cond = "";
-if(vars.exists("$param.RelId_param") && (relId = vars.get("$param.RelId_param")) != null){
-    cond += " and COMM.RELATION_ID in ('" + relId + "')";//TODO: quoting/prevent sql-injection 
-}
-if (vars.exists("$param.MediumCategoriesFilter_param") && (mediumCategories = vars.get("$param.MediumCategoriesFilter_param")) != null){
-    mediumCategories = text.decodeMS(mediumCategories);
-    keywordUtil = new KeywordUtils();
-    var kwd = keywordUtil.createKeyword("COMM.MEDIUM");
-    kwd.filter(function(id, name, customs){
-        return mediumCategories.indexOf(customs.category) > -1;
-    });
-    mediumIds = kwd.toArray("id");
-    if (mediumIds.length == 0)
-        throw new Error();//TODO: add message
-        
-    cond += " and COMM.MEDIUM_ID in (" + mediumIds.join(", ") + ")";
-}
-
+import("system.logging");
+import("system.text");
+import("system.result");
+import("system.vars");
+import("Sql_lib");
+import("Keyword_lib");
+
+var cond, relId, mediumCategories, keywordUtil;
+
+
+
+cond = "";
+if(vars.exists("$param.RelId_param")){
+    
+    relId = vars.get("$param.RelId_param");
+    
+     if (relId != null && relId != "" && relId != undefined)
+     {      
+        cond += " and COMM.RELATION_ID in ('" + relId + "')";//TODO: quoting/prevent sql-injection 
+     }
+}
+if (vars.exists("$param.MediumCategoriesFilter_param")){
+    
+    mediumCategories = vars.get("$param.MediumCategoriesFilter_param");
+    if (mediumCategories != null && mediumCategories != "" && mediumCategories != undefined)
+    {
+   
+        mediumCategories = text.decodeMS(mediumCategories);   
+        keywordUtil = new KeywordUtils();
+        var kwd = keywordUtil.createKeyword("COMM.MEDIUM");
+        kwd.filter(function(id, name, customs){
+            return mediumCategories.indexOf(customs.category) > -1;
+        });
+        mediumIds = kwd.toArray("id");
+        if (mediumIds.length == 0)
+            throw new Error();//TODO: add message
+
+        cond += " and COMM.MEDIUM_ID in (" + mediumIds.join(", ") + ")";
+    }
+}
+
 result.string(cond ? "1 = 1 " + cond: "1 = 2");
\ No newline at end of file
-- 
GitLab