添加成员查询的语句，每个条件都要加上escape'/';组织栏目新建文章margin调整

2016-03-25 19:09:25 +08:00 · 2016-03-25 19:09:25 +08:00 · 0f4d2e40fb
parent 2261081dc2
commit 0f4d2e40fb
2 changed files with 2 additions and 2 deletions
--- a/app/models/principal.rb
+++ b/app/models/principal.rb
@ -44,7 +44,7 @@ class Principal < ActiveRecord::Base
    else
      pattern = "%#{q}%".gsub("/","//").gsub("_","/_")
      # sql = %w(login firstname lastname mail).map {|column| "LOWER(#{table_name}.#{column}) LIKE LOWER(:p)"}.join(" OR ")
-      sql= "LOWER(concat(lastname,firstname)) LIKE LOWER(:p) or LOWER(login) LIKE LOWER(:p) or LOWER(mail) LIKE LOWER(:p) escape '/'"
+      sql= "LOWER(concat(lastname,firstname)) LIKE LOWER(:p) escape '/' or LOWER(login) LIKE LOWER(:p) escape '/' or LOWER(mail) LIKE LOWER(:p) escape '/'"
      params = {:p => pattern}
      if q =~ /^(.+)\s+(.+)$/
        a, b = "#{$1}%", "#{$2}%"
--- a/app/views/org_document_comments/new.html.erb
+++ b/app/views/org_document_comments/new.html.erb
@ -38,7 +38,7 @@
 <div class="resources" nhname="new_topic_form" >
  <%= form_tag organization_org_document_comments_path(:organization_id => @organization.id, :field_id => params[:field_id]), :id => 'new_org_document_form' do |f| %>
    <div>
-        <input class="postDetailInput fl mr15" style="margin-bottom:15px;" name="org_document_comment[title]" id="document_title" style="resize:none;" onfocus = "$('#org_document_editor').show();" placeholder="请输入文章标题"></input>
+        <input class="postDetailInput fl mr15"  name="org_document_comment[title]" id="document_title" style="resize:none;" onfocus = "$('#org_document_editor').show();" placeholder="请输入文章标题"></input>
    </div>
    <div id="doc_title_hint">
    </div>