forked from Wavyzz/dolibarr
Fix escaping
This commit is contained in:
Laurent Destailleur
@@ -106,7 +106,7 @@ class MyModuleApi extends DolibarrApi
|
||||
global $db, $conf;
|
||||
|
||||
$obj_ret = array();
|
||||
$tmpobject = new MyObject($db);
|
||||
$tmpobject = new MyObject($this->db);
|
||||
|
||||
if (!DolibarrApiAccess::$user->rights->mymodule->myobject->read) {
|
||||
throw new RestException(401);
|
||||
@@ -148,32 +148,32 @@ class MyModuleApi extends DolibarrApi
|
||||
$sql .= " AND (".preg_replace_callback('/'.$regexstring.'/', 'DolibarrApi::_forge_criteria_callback', $sqlfilters).")";
|
||||
}
|
||||
|
||||
$sql .= $db->order($sortfield, $sortorder);
|
||||
$sql .= $this->db->order($sortfield, $sortorder);
|
||||
if ($limit) {
|
||||
if ($page < 0) {
|
||||
$page = 0;
|
||||
}
|
||||
$offset = $limit * $page;
|
||||
|
||||
$sql .= $db->plimit($limit + 1, $offset);
|
||||
$sql .= $this->db->plimit($limit + 1, $offset);
|
||||
}
|
||||
|
||||
$result = $db->query($sql);
|
||||
$result = $this->db->query($sql);
|
||||
$i = 0;
|
||||
if ($result)
|
||||
{
|
||||
$num = $db->num_rows($result);
|
||||
$num = $this->db->num_rows($result);
|
||||
while ($i < $num)
|
||||
{
|
||||
$obj = $db->fetch_object($result);
|
||||
$tmp_object = new MyObject($db);
|
||||
$obj = $this->db->fetch_object($result);
|
||||
$tmp_object = new MyObject($this->db);
|
||||
if ($tmp_object->fetch($obj->rowid)) {
|
||||
$obj_ret[] = $this->_cleanObjectDatas($tmp_object);
|
||||
}
|
||||
$i++;
|
||||
}
|
||||
} else {
|
||||
throw new RestException(503, 'Error when retrieving myobject list: '.$db->lasterror());
|
||||
throw new RestException(503, 'Error when retrieving myobject list: '.$this->db->lasterror());
|
||||
}
|
||||
if (!count($obj_ret)) {
|
||||
throw new RestException(404, 'No myobject found');
|
||||
|
||||
Reference in New Issue
Block a user