
Fix escaping

Laurent Destailleur
2020-09-19 23:30:29 +02:00
parent c191dd1a34
commit 216b3c885d
75 changed files with 486 additions and 436 deletions


@@ -193,7 +193,7 @@ class Orders extends DolibarrApi
$sql .= " AND (".preg_replace_callback('/'.$regexstring.'/', 'DolibarrApi::_forge_criteria_callback', $sqlfilters).")";
}
$sql .= $db->order($sortfield, $sortorder);
$sql .= $this->db->order($sortfield, $sortorder);
if ($limit) {
if ($page < 0)
{
@@ -201,21 +201,21 @@ class Orders extends DolibarrApi
}
$offset = $limit * $page;
$sql .= $db->plimit($limit + 1, $offset);
$sql .= $this->db->plimit($limit + 1, $offset);
}
dol_syslog("API Rest request");
$result = $db->query($sql);
$result = $this->db->query($sql);
if ($result)
{
$num = $db->num_rows($result);
$num = $this->db->num_rows($result);
$min = min($num, ($limit <= 0 ? $num : $limit));
$i = 0;
while ($i < $min)
{
$obj = $db->fetch_object($result);
$commande_static = new Commande($db);
$obj = $this->db->fetch_object($result);
$commande_static = new Commande($this->db);
if ($commande_static->fetch($obj->rowid)) {
// Add external contacts ids
$commande_static->contacts_ids = $commande_static->liste_contact(-1, 'external', 1);
@@ -224,7 +224,7 @@ class Orders extends DolibarrApi
$i++;
}
} else {
throw new RestException(503, 'Error when retrieve commande list : '.$db->lasterror());
throw new RestException(503, 'Error when retrieve commande list : '.$this->db->lasterror());
}
if (!count($obj_ret)) {
throw new RestException(404, 'No order found');
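Review bot: The 503 branch in the last hunk concatenates `$this->db->lasterror()` into the RestException message, so the raw database error text presumably reaches the API caller; that text can contain fragments of the query or schema names. Log the detail server-side and send a fixed message instead, for example `dol_syslog('Orders list query failed: '.$this->db->lasterror(), LOG_ERR);` followed by `throw new RestException(503, 'Error when retrieving order list');`. Separately, the `$sqlfilters` line in the first hunk still builds the WHERE clause by string substitution through `_forge_criteria_callback`, which is not visible here, so it is worth confirming that the callback escapes every value it emits. The enclosing method starts before the first hunk and continues past the last one.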