forked from Wavyzz/dolibarr

Fix bug reported by scrutinizer

Laurent Destailleur
2017-09-12 19:12:39 +02:00
parent 0744b5d91b
commit 939d33cce7
3 changed files with 7 additions and 7 deletions


@@ -640,16 +640,16 @@ class AdvanceTargetingMailing extends CommonObject
$sqlwhere[]=$this->transformToSQL('t.firstname',$arrayquery['contact_firstname']); $sqlwhere[]=$this->transformToSQL('t.firstname',$arrayquery['contact_firstname']);
} }
if (!empty($arrayquery['contact_country']) && count($arrayquery['contact_country'])) { if (!empty($arrayquery['contact_country']) && count($arrayquery['contact_country'])) {
$sqlwhere[]= " (t.fk_pays IN (".$db->escape(implode(',',$arrayquery['contact_country']))."))"; $sqlwhere[]= " (t.fk_pays IN (".$this->db->escape(implode(',',$arrayquery['contact_country']))."))";
} }
if (!empty($arrayquery['contact_status']) && count($arrayquery['contact_status'])>0) { if (!empty($arrayquery['contact_status']) && count($arrayquery['contact_status'])>0) {
$sqlwhere[]= " (t.statut IN (".$db->escape(implode(',',$arrayquery['contact_status']))."))"; $sqlwhere[]= " (t.statut IN (".$this->db->escape(implode(',',$arrayquery['contact_status']))."))";
} }
if (!empty($arrayquery['contact_civility']) && count($arrayquery['contact_civility'])>0) { if (!empty($arrayquery['contact_civility']) && count($arrayquery['contact_civility'])>0) {
$sqlwhere[]= " (t.civility IN ('".$db->escape(implode("','",$arrayquery['contact_civility']))."'))"; $sqlwhere[]= " (t.civility IN ('".$this->db->escape(implode("','",$arrayquery['contact_civility']))."'))";
} }
if ($arrayquery['contact_no_email']!='') { if ($arrayquery['contact_no_email']!='') {
$sqlwhere[]= " (t.no_email='".$db->escape($arrayquery['contact_no_email'])."')"; $sqlwhere[]= " (t.no_email='".$this->db->escape($arrayquery['contact_no_email'])."')";
} }
if ($arrayquery['contact_update_st_dt']!='') { if ($arrayquery['contact_update_st_dt']!='') {
$sqlwhere[]= " (t.tms >= '".$this->db->idate($arrayquery['contact_update_st_dt'])."' AND t.tms <= '".$this->db->idate($arrayquery['contact_update_end_dt'])."')"; $sqlwhere[]= " (t.tms >= '".$this->db->idate($arrayquery['contact_update_st_dt'])."' AND t.tms <= '".$this->db->idate($arrayquery['contact_update_end_dt'])."')";
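Review bot: The `IN (...)` lists for `t.fk_pays` and `t.statut` are unquoted, so calling `$this->db->escape()` on the imploded string does not restrict them to numbers; string escaping only protects a value placed inside quotes, and input containing no quote character passes through unchanged. If `$arrayquery` can carry request or saved-filter data (its origin is not visible here), cast each element before joining, e.g. `implode(',', array_map('intval', $arrayquery['contact_country']))`. On the `t.civility` line the escape runs after `implode("','", ...)`, so it most likely escapes the separator quotes too and collapses a multi-value list into one literal; escape each element first, then join. The same unquoted pattern appears in the FormProduct hunk (`e.statut`, `e.rowid NOT IN`) and the Product hunk (`w.statut`). The enclosing method starts and ends outside this hunk.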


@@ -115,14 +115,14 @@ class FormProduct
$sql.= " WHERE e.entity IN (".getEntity('stock').")"; $sql.= " WHERE e.entity IN (".getEntity('stock').")";
if (count($warehouseStatus)) if (count($warehouseStatus))
{ {
$sql.= " AND e.statut IN (".$db->escape(implode(',',$warehouseStatus)).")"; $sql.= " AND e.statut IN (".$this->db->escape(implode(',',$warehouseStatus)).")";
} }
else else
{ {
$sql.= " AND e.statut = 1"; $sql.= " AND e.statut = 1";
} }
if(!empty($exclude)) $sql.= ' AND e.rowid NOT IN('.$db->escape(implode(',', $exclude)).')'; if(!empty($exclude)) $sql.= ' AND e.rowid NOT IN('.$this->db->escape(implode(',', $exclude)).')';
if ($sumStock && empty($fk_product)) $sql.= " GROUP BY e.rowid, e.label, e.description, e.fk_parent"; if ($sumStock && empty($fk_product)) $sql.= " GROUP BY e.rowid, e.label, e.description, e.fk_parent";
$sql.= " ORDER BY e.label"; $sql.= " ORDER BY e.label";


@@ -3750,7 +3750,7 @@ class Product extends CommonObject
$sql.= " WHERE w.entity IN (".getEntity('stock').")"; $sql.= " WHERE w.entity IN (".getEntity('stock').")";
$sql.= " AND w.rowid = ps.fk_entrepot"; $sql.= " AND w.rowid = ps.fk_entrepot";
$sql.= " AND ps.fk_product = ".$this->id; $sql.= " AND ps.fk_product = ".$this->id;
if ($conf->global->ENTREPOT_EXTRA_STATUS && count($warehouseStatus)) $sql.= " AND w.statut IN (".$db->escape(implode(',',$warehouseStatus)).")"; if ($conf->global->ENTREPOT_EXTRA_STATUS && count($warehouseStatus)) $sql.= " AND w.statut IN (".$this->db->escape(implode(',',$warehouseStatus)).")";
dol_syslog(get_class($this)."::load_stock", LOG_DEBUG); dol_syslog(get_class($this)."::load_stock", LOG_DEBUG);
$result = $this->db->query($sql); $result = $this->db->query($sql);