fix broken SQL update

This fixes a bug in the generation of the SQL query, that was introduced in 49dac92034. There were two issues with the generation: 1. the check ids were sometimes not added to the arguments 2. the whereVals were not extracted as arguments This lead to all arguments being treated as one, which caused all sorts of errors in the frontend. By extracting all whereVals and always building it with the check ids first the update starts working correctly again. Found-By: Parsa Yousefi <parsa.yousefi@ionos.com>
2024-09-05 19:14:20 +02:00 · 2024-09-05 19:14:20 +02:00 · 8919bafb3a
commit 8919bafb3a
parent 6f3e8d4772
1 changed files with 2 additions and 2 deletions
--- a/cmd/monfront/main.go
+++ b/cmd/monfront/main.go
@ -366,14 +366,14 @@ func checkAction(con *Context) {
 	}

 	sql := "update " + setTable + " set " + setClause + " where " + whereColumn + " = any($1::bigint[])"
-	if len(whereFields) > 0 {
 	whereVals = append([]any{pq.Array(&checks)}, whereVals...)
+	if len(whereFields) > 0 {
 		for i, column := range whereFields {
 			sql = sql + " and " + column + fmt.Sprintf(" = $%d", i+1)
 		}
 	}

-	_, err := DB.Exec(sql, whereVals)
+	_, err := DB.Exec(sql, whereVals...)
 	if err != nil {
 		con.w.WriteHeader(http.StatusInternalServerError)
 		fmt.Fprintf(con.w, "could not store changes")