From a5e3adc6f1453a3719fa0aeda7a8e01fe2ffb5cc Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 29 Jul 2019 10:51:17 +0200 Subject: [PATCH 1/3] Fix travis --- htdocs/bom/class/bom.class.php | 4 ++-- htdocs/comm/propal/class/propal.class.php | 4 ++-- htdocs/commande/class/commande.class.php | 4 ++-- htdocs/compta/facture/class/facture.class.php | 4 ++-- htdocs/contrat/class/contrat.class.php | 4 ++-- htdocs/expedition/class/expedition.class.php | 4 ++-- htdocs/expensereport/class/expensereport.class.php | 4 ++-- htdocs/fichinter/class/fichinter.class.php | 4 ++-- htdocs/fourn/class/fournisseur.commande.class.php | 4 ++-- htdocs/fourn/class/fournisseur.facture.class.php | 4 ++-- htdocs/livraison/class/livraison.class.php | 4 ++-- htdocs/reception/class/reception.class.php | 4 ++-- htdocs/supplier_proposal/class/supplier_proposal.class.php | 4 ++-- 13 files changed, 26 insertions(+), 26 deletions(-) diff --git a/htdocs/bom/class/bom.class.php b/htdocs/bom/class/bom.class.php index dd861d5dc47..40b4e89dfc5 100644 --- a/htdocs/bom/class/bom.class.php +++ b/htdocs/bom/class/bom.class.php @@ -584,8 +584,8 @@ class BOM extends CommonObject if (preg_match('/^[\(]?PROV/i', $this->ref)) { // Now we rename also files into index - $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->newref."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'bom/".$this->newref."'"; - $sql.= " WHERE filename LIKE '".$this->ref."%' AND filepath = 'bom/".$this->ref."' and entity = ".$conf->entity; + $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'bom/".$this->db->escape($this->newref)."'"; + $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'bom/".$this->db->escape($this->ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index 5de2c9b23f5..d957235d967 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -1809,8 +1809,8 @@ class Propal extends CommonObject if (preg_match('/^[\(]?PROV/i', $this->ref)) { // Now we rename also files into index - $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->newref."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'propale/".$this->newref."'"; - $sql.= " WHERE filename LIKE '".$this->ref."%' AND filepath = 'propale/".$this->ref."' and entity = ".$conf->entity; + $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'propale/".$this->db->escape($this->newref)."'"; + $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'propale/".$this->db->escape($this-ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/commande/class/commande.class.php b/htdocs/commande/class/commande.class.php index d0e0addbc94..15156688603 100644 --- a/htdocs/commande/class/commande.class.php +++ b/htdocs/commande/class/commande.class.php @@ -425,8 +425,8 @@ class Commande extends CommonOrder if (preg_match('/^[\(]?PROV/i', $this->ref)) { // Now we rename also files into index - $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->newref."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'commande/".$this->newref."'"; - $sql.= " WHERE filename LIKE '".$this->ref."%' AND filepath = 'commande/".$this->ref."' and entity = ".$conf->entity; + $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'commande/".$this->db->escape($this->newref)."'"; + $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'commande/".$this->db->escape($this-ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index 2a9a4f5686d..216282d369e 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -2419,8 +2419,8 @@ class Facture extends CommonInvoice if (preg_match('/^[\(]?PROV/i', $this->ref)) { // Now we rename also files into index - $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->newref."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'facture/".$this->newref."'"; - $sql.= " WHERE filename LIKE '".$this->ref."%' AND filepath = 'facture/".$this->ref."' and entity = ".$conf->entity; + $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'facture/".$this->db->escape($this->newref)."'"; + $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'facture/".$this->db->escape($this-ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/contrat/class/contrat.class.php b/htdocs/contrat/class/contrat.class.php index 0b08d3723da..bfc18faf123 100644 --- a/htdocs/contrat/class/contrat.class.php +++ b/htdocs/contrat/class/contrat.class.php @@ -487,8 +487,8 @@ class Contrat extends CommonObject if (preg_match('/^[\(]?PROV/i', $this->ref)) { // Now we rename also files into index - $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->newref."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'contract/".$this->newref."'"; - $sql.= " WHERE filename LIKE '".$this->ref."%' AND filepath = 'contract/".$this->ref."' and entity = ".$conf->entity; + $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'contract/".$this->db->escape($this->newref)."'"; + $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'contract/".$this->db->escape($this-ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/expedition/class/expedition.class.php b/htdocs/expedition/class/expedition.class.php index 37f191a0ab0..3205a245285 100644 --- a/htdocs/expedition/class/expedition.class.php +++ b/htdocs/expedition/class/expedition.class.php @@ -814,8 +814,8 @@ class Expedition extends CommonObject if (preg_match('/^[\(]?PROV/i', $this->ref)) { // Now we rename also files into index - $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->newref."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'expedition/sending/".$this->newref."'"; - $sql.= " WHERE filename LIKE '".$this->ref."%' AND filepath = 'expedition/sending/".$this->ref."' and entity = ".$conf->entity; + $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'expedition/sending/".$this->db->escape($this->newref)."'"; + $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'expedition/sending/".$this->db->escape($this-ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/expensereport/class/expensereport.class.php b/htdocs/expensereport/class/expensereport.class.php index 2d9795e6f59..63b0b798a29 100644 --- a/htdocs/expensereport/class/expensereport.class.php +++ b/htdocs/expensereport/class/expensereport.class.php @@ -1152,8 +1152,8 @@ class ExpenseReport extends CommonObject require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; // Now we rename also files into index - $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->newref."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'expensereport/".$this->newref."'"; - $sql.= " WHERE filename LIKE '".$this->ref."%' AND filepath = 'expensereport/".$this->ref."' and entity = ".$conf->entity; + $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'expensereport/".$this->db->escape($this->newref)."'"; + $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'expensereport/".$this->db->escape($this-ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/fichinter/class/fichinter.class.php b/htdocs/fichinter/class/fichinter.class.php index ce066fc8c11..c987e6ffc58 100644 --- a/htdocs/fichinter/class/fichinter.class.php +++ b/htdocs/fichinter/class/fichinter.class.php @@ -577,8 +577,8 @@ class Fichinter extends CommonObject require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; // Now we rename also files into index - $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->newref."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'ficheinter/".$this->newref."'"; - $sql.= " WHERE filename LIKE '".$this->ref."%' AND filepath = 'ficheinter/".$this->ref."' and entity = ".$conf->entity; + $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'ficheinter/".$this->db->escape($this->newref)."'"; + $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'ficheinter/".$this->db->escape($this-ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/fourn/class/fournisseur.commande.class.php b/htdocs/fourn/class/fournisseur.commande.class.php index b32e90c311d..c85bfaaf2d3 100644 --- a/htdocs/fourn/class/fournisseur.commande.class.php +++ b/htdocs/fourn/class/fournisseur.commande.class.php @@ -552,8 +552,8 @@ class CommandeFournisseur extends CommonOrder if (preg_match('/^[\(]?PROV/i', $this->ref)) { // Now we rename also files into index - $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->newref."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'fournisseur/commande/".$this->newref."'"; - $sql.= " WHERE filename LIKE '".$this->ref."%' AND filepath = 'fournisseur/commande/".$this->ref."' and entity = ".$conf->entity; + $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'fournisseur/commande/".$this->db->escape($this->newref)."'"; + $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'fournisseur/commande/".$this->db->escape($this-ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/fourn/class/fournisseur.facture.class.php b/htdocs/fourn/class/fournisseur.facture.class.php index b13925bf29d..31780d33ed5 100644 --- a/htdocs/fourn/class/fournisseur.facture.class.php +++ b/htdocs/fourn/class/fournisseur.facture.class.php @@ -1420,8 +1420,8 @@ class FactureFournisseur extends CommonInvoice if (preg_match('/^[\(]?PROV/i', $this->ref)) { // Now we rename also files into index - $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->newref."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'fournisseur/facture/".get_exdir($this->id, 2, 0, 0, $this, 'invoice_supplier').$this->newref."'"; - $sql.= " WHERE filename LIKE '".$this->ref."%' AND filepath = 'fournisseur/facture/".get_exdir($this->id, 2, 0, 0, $this, 'invoice_supplier').$this->ref."' and entity = ".$conf->entity; + $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'fournisseur/facture/".get_exdir($this->id, 2, 0, 0, $this, 'invoice_supplier').$this->db->escape($this->newref)."'"; + $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'fournisseur/facture/".get_exdir($this->id, 2, 0, 0, $this, 'invoice_supplier').$this->db->escape($this-ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/livraison/class/livraison.class.php b/htdocs/livraison/class/livraison.class.php index f24a2aee713..88cf4e1355a 100644 --- a/htdocs/livraison/class/livraison.class.php +++ b/htdocs/livraison/class/livraison.class.php @@ -442,8 +442,8 @@ class Livraison extends CommonObject if (preg_match('/^[\(]?PROV/i', $this->ref)) { // Now we rename also files into index - $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->newref."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'expedition/receipt/".$this->newref."'"; - $sql.= " WHERE filename LIKE '".$this->ref."%' AND filepath = 'expedition/receipt/".$this->ref."' and entity = ".$conf->entity; + $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'expedition/receipt/".$this->db->escape($this->newref)."'"; + $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'expedition/receipt/".$this->db->escape($this-ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/reception/class/reception.class.php b/htdocs/reception/class/reception.class.php index 84f95e40b9a..e89eb2c595b 100644 --- a/htdocs/reception/class/reception.class.php +++ b/htdocs/reception/class/reception.class.php @@ -644,8 +644,8 @@ class Reception extends CommonObject if (preg_match('/^[\(]?PROV/i', $this->ref)) { // Now we rename also files into index - $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->newref."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'reception/".$this->newref."'"; - $sql.= " WHERE filename LIKE '".$this->ref."%' AND filepath = 'reception/".$this->ref."' and entity = ".$conf->entity; + $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'reception/".$this->db->escape($this->newref)."'"; + $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'reception/".$this->db->escape($this-ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/supplier_proposal/class/supplier_proposal.class.php b/htdocs/supplier_proposal/class/supplier_proposal.class.php index 786485ad6dd..cb4f774a951 100644 --- a/htdocs/supplier_proposal/class/supplier_proposal.class.php +++ b/htdocs/supplier_proposal/class/supplier_proposal.class.php @@ -1485,8 +1485,8 @@ class SupplierProposal extends CommonObject if (preg_match('/^[\(]?PROV/i', $this->ref)) { // Now we rename also files into index - $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->newref."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'supplier_proposal/".$this->newref."'"; - $sql.= " WHERE filename LIKE '".$this->ref."%' AND filepath = 'supplier_proposal/".$this->ref."' and entity = ".$conf->entity; + $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'supplier_proposal/".$this->db->escape($this->newref)."'"; + $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'supplier_proposal/".$this->db->escape($this-ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } From f82571120675a2b22606d13f9f0077e1fbb506dd Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 29 Jul 2019 11:01:29 +0200 Subject: [PATCH 2/3] Code comment --- htdocs/core/modules/societe/modules_societe.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/modules/societe/modules_societe.class.php b/htdocs/core/modules/societe/modules_societe.class.php index d185b4cfcf7..4a873847d8a 100644 --- a/htdocs/core/modules/societe/modules_societe.class.php +++ b/htdocs/core/modules/societe/modules_societe.class.php @@ -393,7 +393,7 @@ abstract class ModeleAccountancyCode * @param int $hidedesc Hide description * @param int $hideref Hide ref * @return int <0 if KO, >0 if OK - * @deprecated Use the new function generateDocument of Facture class + * @deprecated Use the new function generateDocument of Objects class * @see Societe::generateDocument() */ function thirdparty_doc_create(DoliDB $db, Societe $object, $message, $modele, $outputlangs, $hidedetails = 0, $hidedesc = 0, $hideref = 0) From 7931f0b422b6f193606079a6c3368d33ee18e916 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 29 Jul 2019 11:06:39 +0200 Subject: [PATCH 3/3] Fix sql error --- htdocs/bom/class/bom.class.php | 2 +- htdocs/comm/propal/class/propal.class.php | 2 +- htdocs/commande/class/commande.class.php | 2 +- htdocs/compta/facture/class/facture.class.php | 2 +- htdocs/contrat/class/contrat.class.php | 2 +- htdocs/expedition/class/expedition.class.php | 2 +- htdocs/expensereport/class/expensereport.class.php | 2 +- htdocs/fichinter/class/fichinter.class.php | 2 +- htdocs/fourn/class/fournisseur.commande.class.php | 2 +- htdocs/fourn/class/fournisseur.facture.class.php | 2 +- htdocs/livraison/class/livraison.class.php | 2 +- htdocs/reception/class/reception.class.php | 2 +- htdocs/supplier_proposal/class/supplier_proposal.class.php | 2 +- 13 files changed, 13 insertions(+), 13 deletions(-) diff --git a/htdocs/bom/class/bom.class.php b/htdocs/bom/class/bom.class.php index 40b4e89dfc5..7ad86b59ae8 100644 --- a/htdocs/bom/class/bom.class.php +++ b/htdocs/bom/class/bom.class.php @@ -585,7 +585,7 @@ class BOM extends CommonObject { // Now we rename also files into index $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'bom/".$this->db->escape($this->newref)."'"; - $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'bom/".$this->db->escape($this->ref)."' and entity = ".$conf->entity; + $sql.= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'bom/".$this->db->escape($this->ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index d957235d967..a9746ca6f65 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -1810,7 +1810,7 @@ class Propal extends CommonObject { // Now we rename also files into index $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'propale/".$this->db->escape($this->newref)."'"; - $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'propale/".$this->db->escape($this-ref)."' and entity = ".$conf->entity; + $sql.= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'propale/".$this->db->escape($this->ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/commande/class/commande.class.php b/htdocs/commande/class/commande.class.php index 15156688603..434d43e8ffa 100644 --- a/htdocs/commande/class/commande.class.php +++ b/htdocs/commande/class/commande.class.php @@ -426,7 +426,7 @@ class Commande extends CommonOrder { // Now we rename also files into index $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'commande/".$this->db->escape($this->newref)."'"; - $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'commande/".$this->db->escape($this-ref)."' and entity = ".$conf->entity; + $sql.= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'commande/".$this->db->escape($this->ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index 216282d369e..a8b75341ed3 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -2420,7 +2420,7 @@ class Facture extends CommonInvoice { // Now we rename also files into index $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'facture/".$this->db->escape($this->newref)."'"; - $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'facture/".$this->db->escape($this-ref)."' and entity = ".$conf->entity; + $sql.= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'facture/".$this->db->escape($this->ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/contrat/class/contrat.class.php b/htdocs/contrat/class/contrat.class.php index bfc18faf123..147d31311d3 100644 --- a/htdocs/contrat/class/contrat.class.php +++ b/htdocs/contrat/class/contrat.class.php @@ -488,7 +488,7 @@ class Contrat extends CommonObject { // Now we rename also files into index $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'contract/".$this->db->escape($this->newref)."'"; - $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'contract/".$this->db->escape($this-ref)."' and entity = ".$conf->entity; + $sql.= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'contract/".$this->db->escape($this->ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/expedition/class/expedition.class.php b/htdocs/expedition/class/expedition.class.php index 3205a245285..7fc4def441b 100644 --- a/htdocs/expedition/class/expedition.class.php +++ b/htdocs/expedition/class/expedition.class.php @@ -815,7 +815,7 @@ class Expedition extends CommonObject { // Now we rename also files into index $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'expedition/sending/".$this->db->escape($this->newref)."'"; - $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'expedition/sending/".$this->db->escape($this-ref)."' and entity = ".$conf->entity; + $sql.= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'expedition/sending/".$this->db->escape($this->ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/expensereport/class/expensereport.class.php b/htdocs/expensereport/class/expensereport.class.php index 63b0b798a29..1160a6dcb94 100644 --- a/htdocs/expensereport/class/expensereport.class.php +++ b/htdocs/expensereport/class/expensereport.class.php @@ -1153,7 +1153,7 @@ class ExpenseReport extends CommonObject // Now we rename also files into index $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'expensereport/".$this->db->escape($this->newref)."'"; - $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'expensereport/".$this->db->escape($this-ref)."' and entity = ".$conf->entity; + $sql.= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'expensereport/".$this->db->escape($this->ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/fichinter/class/fichinter.class.php b/htdocs/fichinter/class/fichinter.class.php index c987e6ffc58..4ce2aa954b2 100644 --- a/htdocs/fichinter/class/fichinter.class.php +++ b/htdocs/fichinter/class/fichinter.class.php @@ -578,7 +578,7 @@ class Fichinter extends CommonObject // Now we rename also files into index $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'ficheinter/".$this->db->escape($this->newref)."'"; - $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'ficheinter/".$this->db->escape($this-ref)."' and entity = ".$conf->entity; + $sql.= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'ficheinter/".$this->db->escape($this->ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/fourn/class/fournisseur.commande.class.php b/htdocs/fourn/class/fournisseur.commande.class.php index c85bfaaf2d3..d15545e4cda 100644 --- a/htdocs/fourn/class/fournisseur.commande.class.php +++ b/htdocs/fourn/class/fournisseur.commande.class.php @@ -553,7 +553,7 @@ class CommandeFournisseur extends CommonOrder { // Now we rename also files into index $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'fournisseur/commande/".$this->db->escape($this->newref)."'"; - $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'fournisseur/commande/".$this->db->escape($this-ref)."' and entity = ".$conf->entity; + $sql.= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'fournisseur/commande/".$this->db->escape($this->ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/fourn/class/fournisseur.facture.class.php b/htdocs/fourn/class/fournisseur.facture.class.php index 31780d33ed5..9fe2f9bf6ed 100644 --- a/htdocs/fourn/class/fournisseur.facture.class.php +++ b/htdocs/fourn/class/fournisseur.facture.class.php @@ -1421,7 +1421,7 @@ class FactureFournisseur extends CommonInvoice { // Now we rename also files into index $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'fournisseur/facture/".get_exdir($this->id, 2, 0, 0, $this, 'invoice_supplier').$this->db->escape($this->newref)."'"; - $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'fournisseur/facture/".get_exdir($this->id, 2, 0, 0, $this, 'invoice_supplier').$this->db->escape($this-ref)."' and entity = ".$conf->entity; + $sql.= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'fournisseur/facture/".get_exdir($this->id, 2, 0, 0, $this, 'invoice_supplier').$this->db->escape($this->ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/livraison/class/livraison.class.php b/htdocs/livraison/class/livraison.class.php index 88cf4e1355a..a8eee72df33 100644 --- a/htdocs/livraison/class/livraison.class.php +++ b/htdocs/livraison/class/livraison.class.php @@ -443,7 +443,7 @@ class Livraison extends CommonObject { // Now we rename also files into index $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'expedition/receipt/".$this->db->escape($this->newref)."'"; - $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'expedition/receipt/".$this->db->escape($this-ref)."' and entity = ".$conf->entity; + $sql.= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'expedition/receipt/".$this->db->escape($this->ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/reception/class/reception.class.php b/htdocs/reception/class/reception.class.php index e89eb2c595b..3e2776675a1 100644 --- a/htdocs/reception/class/reception.class.php +++ b/htdocs/reception/class/reception.class.php @@ -645,7 +645,7 @@ class Reception extends CommonObject { // Now we rename also files into index $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'reception/".$this->db->escape($this->newref)."'"; - $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'reception/".$this->db->escape($this-ref)."' and entity = ".$conf->entity; + $sql.= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'reception/".$this->db->escape($this->ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); } diff --git a/htdocs/supplier_proposal/class/supplier_proposal.class.php b/htdocs/supplier_proposal/class/supplier_proposal.class.php index cb4f774a951..481d80cab57 100644 --- a/htdocs/supplier_proposal/class/supplier_proposal.class.php +++ b/htdocs/supplier_proposal/class/supplier_proposal.class.php @@ -1486,7 +1486,7 @@ class SupplierProposal extends CommonObject { // Now we rename also files into index $sql = 'UPDATE '.MAIN_DB_PREFIX."ecm_files set filename = CONCAT('".$this->db->escape($this->newref)."', SUBSTR(filename, ".(strlen($this->ref)+1).")), filepath = 'supplier_proposal/".$this->db->escape($this->newref)."'"; - $sql.= " WHERE filename LIKE '".$this->db->escape($this-ref)."%' AND filepath = 'supplier_proposal/".$this->db->escape($this-ref)."' and entity = ".$conf->entity; + $sql.= " WHERE filename LIKE '".$this->db->escape($this->ref)."%' AND filepath = 'supplier_proposal/".$this->db->escape($this->ref)."' and entity = ".$conf->entity; $resql = $this->db->query($sql); if (! $resql) { $error++; $this->error = $this->db->lasterror(); }