Error when entering non-existing field name in filtering #3

Open
@weierophinney


Hi all,

I am using your module and first of all I must say that it is great. Today I encountered a situation that I cannot handle, so please direct me the right way, if it is a bug or just my lack of knowledge. I am using ZF3 with:

"zfcampus/zf-apigility-doctrine": "^2.2",
"zfcampus/zf-doctrine-querybuilder": "^1.6",
"doctrine/doctrine-orm-module": "^1.1",

The reason why I am doing this is that my app has an API module but most of it has a normal UI. When I try to filter like this:

domain.com/api/transaction?filter[0][type]=eq&filter[0][field]=name&filter[0][value]=test

Everything is fine. But when I try to do something like this:

domain.com/api/transaction?filter[0][type]=eq&filter[0][field]=fdsafdsafds&filter[0][value]=test

I get this message:

{
    "error": "[Semantical Error] line 0, col 68 near 'skdjbvkdjvb =': Error: Class Application\\Entity\\Client\\Transaction has no field or association named skdjbvkdjvb"
}

Which is 100% true, but I would like to hide application information like namespaces etc. and not show them to the world. Also when I try this:

domain.com/api/transaction?filter[0][type]=eq&filter[0][fieldName]=fdsafdsafds&filter[0][value]=test

I get this message:

{
    "error": "[Syntax Error] line 0, col 69: Error: Expected Doctrine\\ORM\\Query\\Lexer::T_IDENTIFIER, got '='"
}

Which is also not very nice from a security point of view. I read your documentation and crawled the code and I cannot find a solution for how to change the output when someone tries to break my application by adding incorrect URL params. Thank you.


Originally posted by @dominikhalvonik at zfcampus/zf-doctrine-querybuilder#49
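
One way to keep these ORM messages out of API responses is to check the filter's field names against an allowlist before any query is built, and to answer with a generic error while logging the detail server-side. The following is an added example, not part of the original issue or of zf-doctrine-querybuilder; the function names, the allowlist and the sample requests are constructed for illustration (PHP 8).

```php
<?php
declare(strict_types=1);

// Constructed allowlist for illustration; in a real application this could be
// derived from the entity's mapped fields instead of being hard-coded.
const ALLOWED_FILTER_FIELDS = ['name', 'amount', 'createdAt'];

/**
 * Hypothetical helper: validate the `filter` query parameter before it is
 * handed to any query builder. Returns a list of problems for the server log.
 */
function validateFilters(mixed $filters, array $allowedFields): array
{
    if (!is_array($filters)) {
        return ['filter must be an array'];
    }
    $problems = [];
    foreach (array_values($filters) as $i => $filter) {
        $field = is_array($filter) ? ($filter['field'] ?? null) : null;
        // A missing "field" key (e.g. "fieldName" sent instead) is rejected
        // here rather than reaching the DQL parser as an empty identifier.
        if (!is_string($field) || $field === '') {
            $problems[] = "filter[$i]: missing field";
        } elseif (!in_array($field, $allowedFields, true)) {
            // Do not echo the entity class or the ORM message back.
            $problems[] = "filter[$i]: unknown field";
        }
    }
    return $problems;
}

/** Build a generic 400 body; the details go to the server log only. */
function filterErrorResponse(array $problems): array
{
    error_log('Rejected filter request: ' . implode('; ', $problems));
    return ['status' => 400, 'body' => ['error' => 'Invalid filter parameter']];
}

// Constructed sample inputs mirroring the three requests in the issue.
$requests = [
    [['type' => 'eq', 'field' => 'name', 'value' => 'test']],
    [['type' => 'eq', 'field' => 'fdsafdsafds', 'value' => 'test']],
    [['type' => 'eq', 'fieldName' => 'fdsafdsafds', 'value' => 'test']],
];
foreach ($requests as $filters) {
    $problems = validateFilters($filters, ALLOWED_FILTER_FIELDS);
    $response = $problems ? filterErrorResponse($problems) : ['status' => 200];
    echo json_encode($response), PHP_EOL;
}
```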
