mirror of
https://github.com/Dolibarr/dolibarr.git
synced 2025-12-06 09:38:23 +01:00
Clean code
This commit is contained in:
Laurent Destailleur
@@ -1137,17 +1137,17 @@ class BookKeeping extends CommonObject
|
||||
if (count($filter) > 0) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if ($key == 't.doc_date') {
|
||||
$sqlwhere[] = $key.'=\''.$this->db->idate($value).'\'';
|
||||
$sqlwhere[] = $key." = '".$this->db->idate($value)."'";
|
||||
} elseif ($key == 't.doc_date>=' || $key == 't.doc_date<=') {
|
||||
$sqlwhere[] = $key.'\''.$this->db->idate($value).'\'';
|
||||
$sqlwhere[] = $key."'".$this->db->idate($value)."'";
|
||||
} elseif ($key == 't.numero_compte>=' || $key == 't.numero_compte<=' || $key == 't.subledger_account>=' || $key == 't.subledger_account<=') {
|
||||
$sqlwhere[] = $key.'\''.$this->db->escape($value).'\'';
|
||||
$sqlwhere[] = $key."'".$this->db->escape($value)."'";
|
||||
} elseif ($key == 't.fk_doc' || $key == 't.fk_docdet' || $key == 't.piece_num') {
|
||||
$sqlwhere[] = $key.'='.$value;
|
||||
$sqlwhere[] = $key." = ".((int) $value);
|
||||
} elseif ($key == 't.subledger_account' || $key == 't.numero_compte') {
|
||||
$sqlwhere[] = $key.' LIKE \''.$this->db->escape($value).'%\'';
|
||||
$sqlwhere[] = $key." LIKE '".$this->db->escape($value)."%'";
|
||||
} elseif ($key == 't.subledger_label') {
|
||||
$sqlwhere[] = $key.' LIKE \''.$this->db->escape($value).'%\'';
|
||||
$sqlwhere[] = $key." LIKE '".$this->db->escape($value)."%'";
|
||||
} elseif ($key == 't.code_journal' && !empty($value)) {
|
||||
if (is_array($value)) {
|
||||
$sqlwhere[] = natural_search("t.code_journal", join(',', $value), 3, 1);
|
||||
@@ -1155,7 +1155,7 @@ class BookKeeping extends CommonObject
|
||||
$sqlwhere[] = natural_search("t.code_journal", $value, 3, 1);
|
||||
}
|
||||
} else {
|
||||
$sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
$sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -208,13 +208,13 @@ class CProductNature // extends CommonObject
|
||||
if (count($filter) > 0) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if ($key == 't.rowid' || $key == 't.active' || $key == 't.code') {
|
||||
$sqlwhere[] = $key.'='.(int) $value;
|
||||
$sqlwhere[] = $key." = ".((int) $value);
|
||||
} elseif (strpos($key, 'date') !== false) {
|
||||
$sqlwhere[] = $key.' = \''.$this->db->idate($value).'\'';
|
||||
$sqlwhere[] = $key." = '".$this->db->idate($value)."'";
|
||||
} elseif ($key == 't.label') {
|
||||
$sqlwhere[] = $key.' = \''.$this->db->escape($value).'\'';
|
||||
$sqlwhere[] = $key." = '".$this->db->escape($value)."'";
|
||||
} else {
|
||||
$sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
$sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -230,19 +230,16 @@ class Ctyperesource
|
||||
|
||||
$sql = 'SELECT';
|
||||
$sql .= ' t.rowid,';
|
||||
|
||||
$sql .= " t.code,";
|
||||
$sql .= " t.label,";
|
||||
$sql .= " t.active";
|
||||
|
||||
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.' as t';
|
||||
|
||||
// Manage filter
|
||||
$sqlwhere = array();
|
||||
if (count($filter) > 0) {
|
||||
foreach ($filter as $key => $value) {
|
||||
$sqlwhere [] = $key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
$sqlwhere [] = $key." LIKE '%".$this->db->escape($value)."%'";
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -251,13 +251,13 @@ class CUnits // extends CommonObject
|
||||
if (count($filter) > 0) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if ($key == 't.rowid' || $key == 't.active' || $key == 't.scale') {
|
||||
$sqlwhere[] = $key.'='.(int) $value;
|
||||
$sqlwhere[] = $key." = ".((int) $value);
|
||||
} elseif (strpos($key, 'date') !== false) {
|
||||
$sqlwhere[] = $key.' = \''.$this->db->idate($value).'\'';
|
||||
$sqlwhere[] = $key." = '".$this->db->idate($value)."'";
|
||||
} elseif ($key == 't.unit_type' || $key == 't.code' || $key == 't.short_label') {
|
||||
$sqlwhere[] = $key.' = \''.$this->db->escape($value).'\'';
|
||||
$sqlwhere[] = $key." = '".$this->db->escape($value)."'";
|
||||
} else {
|
||||
$sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
$sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -264,17 +264,17 @@ class DefaultValues extends CommonObject
|
||||
if (count($filter) > 0) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if ($key == 't.rowid' || ($key == 't.entity' && !is_array($value)) || ($key == 't.user_id' && !is_array($value))) {
|
||||
$sqlwhere[] = $key.'='.$value;
|
||||
$sqlwhere[] = $key." = ".((int) $value);
|
||||
} elseif (isset($this->fields[$key]) && in_array($this->fields[$key]['type'], array('date', 'datetime', 'timestamp'))) {
|
||||
$sqlwhere[] = $key.' = \''.$this->db->idate($value).'\'';
|
||||
$sqlwhere[] = $key." = '".$this->db->idate($value)."'";
|
||||
} elseif ($key == 't.page' || $key == 't.param' || $key == 't.type') {
|
||||
$sqlwhere[] = $key.' = \''.$this->db->escape($value).'\'';
|
||||
$sqlwhere[] = $key." = '".$this->db->escape($value)."'";
|
||||
} elseif ($key == 'customsql') {
|
||||
$sqlwhere[] = $value;
|
||||
} elseif (is_array($value)) {
|
||||
$sqlwhere[] = $key.' IN ('.$this->db->sanitize(implode(',', $value)).')';
|
||||
$sqlwhere[] = $key." IN (".$this->db->sanitize(implode(',', $value)).")";
|
||||
} else {
|
||||
$sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
$sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -8900,10 +8900,10 @@ function natural_search($fields, $value, $mode = 0, $nofirstand = 0)
|
||||
foreach ($tmparray as $val) {
|
||||
$val = trim($val);
|
||||
if ($val) {
|
||||
$newres .= ($i2 > 0 ? ' OR (' : '(').$field.' LIKE \''.$db->escape($val).',%\'';
|
||||
$newres .= ' OR '.$field.' = \''.$db->escape($val).'\'';
|
||||
$newres .= ' OR '.$field.' LIKE \'%,'.$db->escape($val).'\'';
|
||||
$newres .= ' OR '.$field.' LIKE \'%,'.$db->escape($val).',%\'';
|
||||
$newres .= ($i2 > 0 ? " OR (" : "(").$field." LIKE '".$db->escape($val).",%'";
|
||||
$newres .= ' OR '.$field." = '".$db->escape($val)."'";
|
||||
$newres .= ' OR '.$field." LIKE '%,".$db->escape($val)."'";
|
||||
$newres .= ' OR '.$field." LIKE '%,".$db->escape($val).",%'";
|
||||
$newres .= ')';
|
||||
$i2++;
|
||||
}
|
||||
@@ -8942,7 +8942,7 @@ function natural_search($fields, $value, $mode = 0, $nofirstand = 0)
|
||||
$newres .= $tmpafter;
|
||||
$newres .= "'";
|
||||
if ($tmpcrit2 == '') {
|
||||
$newres .= ' OR '.$field." IS NULL";
|
||||
$newres .= " OR ".$field." IS NULL";
|
||||
}
|
||||
}
|
||||
|
||||
@@ -9538,7 +9538,7 @@ function getDictvalue($tablename, $field, $id, $checkentity = false, $rowidfield
|
||||
if (!isset($dictvalues[$tablename])) {
|
||||
$dictvalues[$tablename] = array();
|
||||
|
||||
$sql = 'SELECT * FROM '.$tablename.' WHERE 1 = 1'; // Here select * is allowed as it is generic code and we don't have list of fields
|
||||
$sql = "SELECT * FROM ".$tablename." WHERE 1 = 1"; // Here select * is allowed as it is generic code and we don't have list of fields
|
||||
if ($checkentity) {
|
||||
$sql .= ' AND entity IN (0,'.getEntity($tablename).')';
|
||||
}
|
||||
|
||||
@@ -1235,7 +1235,7 @@ function get_next_value($db, $mask, $table, $field, $where = '', $objsoc = '', $
|
||||
$sqlwhere .= "(SUBSTRING(".$field.", ".$yearpos.", ".$yearlen.") = '".$db->escape($yearcomp)."'";
|
||||
$sqlwhere .= " AND SUBSTRING(".$field.", ".$monthpos.", ".$monthlen.") = '".str_pad($monthcomp, $monthlen, '0', STR_PAD_LEFT)."')";
|
||||
} else { // reset is done on january
|
||||
$sqlwhere .= '(SUBSTRING('.$field.', '.$yearpos.', '.$yearlen.") = '".$db->escape($yearcomp)."')";
|
||||
$sqlwhere .= "(SUBSTRING(".$field.", ".$yearpos.", ".$yearlen.") = '".$db->escape($yearcomp)."')";
|
||||
}
|
||||
}
|
||||
//print "sqlwhere=".$sqlwhere." yearcomp=".$yearcomp."<br>\n"; // sqlwhere and yearcomp defined only if we ask a reset
|
||||
@@ -1250,7 +1250,7 @@ function get_next_value($db, $mask, $table, $field, $where = '', $objsoc = '', $
|
||||
if ($posnumstart < 0) {
|
||||
return 'ErrorBadMaskFailedToLocatePosOfSequence';
|
||||
}
|
||||
$sqlstring = 'SUBSTRING('.$field.', '.($posnumstart + 1).', '.dol_strlen($maskcounter).')';
|
||||
$sqlstring = "SUBSTRING(".$field.", ".($posnumstart + 1).", ".dol_strlen($maskcounter).")";
|
||||
|
||||
// Define $maskLike
|
||||
$maskLike = dol_string_nospecial($mask);
|
||||
@@ -1291,7 +1291,7 @@ function get_next_value($db, $mask, $table, $field, $where = '', $objsoc = '', $
|
||||
$sql .= $where;
|
||||
}
|
||||
if ($sqlwhere) {
|
||||
$sql .= ' AND '.$sqlwhere;
|
||||
$sql .= " AND ".$sqlwhere;
|
||||
}
|
||||
|
||||
//print $sql.'<br>';
|
||||
@@ -1351,7 +1351,7 @@ function get_next_value($db, $mask, $table, $field, $where = '', $objsoc = '', $
|
||||
$sql .= $where;
|
||||
}
|
||||
if ($sqlwhere) {
|
||||
$sql .= ' AND '.$sqlwhere;
|
||||
$sql .= " AND ".$sqlwhere;
|
||||
}
|
||||
|
||||
dol_syslog("functions2::get_next_value mode=".$mode."", LOG_DEBUG);
|
||||
@@ -1414,7 +1414,7 @@ function get_next_value($db, $mask, $table, $field, $where = '', $objsoc = '', $
|
||||
if ($sqlwhere) {
|
||||
$maskrefclient_sql .= ' AND '.$sqlwhere; //use the same sqlwhere as general mask
|
||||
}
|
||||
$maskrefclient_sql .= ' AND (SUBSTRING('.$field.', '.(strpos($maskwithnocode, $maskrefclient) + 1).', '.dol_strlen($maskrefclient_maskclientcode).")='".$db->escape($maskrefclient_clientcode)."')";
|
||||
$maskrefclient_sql .= " AND (SUBSTRING(".$field.", ".(strpos($maskwithnocode, $maskrefclient) + 1).", ".dol_strlen($maskrefclient_maskclientcode).") = '".$db->escape($maskrefclient_clientcode)."')";
|
||||
|
||||
dol_syslog("functions2::get_next_value maskrefclient", LOG_DEBUG);
|
||||
$maskrefclient_resql = $db->query($maskrefclient_sql);
|
||||
@@ -2250,7 +2250,7 @@ function cleanCorruptedTree($db, $tabletocleantree, $fieldfkparent)
|
||||
$listofparentid = array();
|
||||
|
||||
// Get list of all id in array listofid and all parents in array listofparentid
|
||||
$sql = 'SELECT rowid, '.$fieldfkparent.' as parent_id FROM '.MAIN_DB_PREFIX.$tabletocleantree;
|
||||
$sql = "SELECT rowid, ".$fieldfkparent." as parent_id FROM ".MAIN_DB_PREFIX.$tabletocleantree;
|
||||
$resql = $db->query($sql);
|
||||
if ($resql) {
|
||||
$num = $db->num_rows($resql);
|
||||
|
||||
@@ -958,8 +958,8 @@ function getTicketActionCommEcmList($object)
|
||||
|
||||
$sql = 'SELECT ecm.rowid as id, ecm.src_object_type, ecm.src_object_id, ecm.filepath, ecm.filename';
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.'ecm_files ecm';
|
||||
$sql .= ' WHERE ecm.filepath = \'agenda/'.$object->id.'\'';
|
||||
//$sql.= ' ecm.src_object_type = \''.$object->element.'\' AND ecm.src_object_id = '.((int) $object->id); // Actually upload file doesn't add type
|
||||
$sql .= " WHERE ecm.filepath = 'agenda/".((int) $object->id)."'";
|
||||
//$sql.= " ecm.src_object_type = '".$db->escape($object->element)."' AND ecm.src_object_id = ".((int) $object->id); // Old version didn't add object_type during upload
|
||||
$sql .= ' ORDER BY ecm.position ASC';
|
||||
|
||||
$resql = $db->query($sql);
|
||||
|
||||
@@ -223,7 +223,7 @@ function dolSavePageContent($filetpl, Website $object, WebsitePage $objectpage,
|
||||
}
|
||||
|
||||
// Add "has translation pages"
|
||||
$sql = 'SELECT rowid as id, lang, pageurl from '.MAIN_DB_PREFIX.'website_page where fk_page IN ('.$db->sanitize($objectpage->id.($translationof ? ', '.$translationof : '')).")";
|
||||
$sql = "SELECT rowid as id, lang, pageurl from ".MAIN_DB_PREFIX.'website_page where fk_page IN ('.$db->sanitize($objectpage->id.($translationof ? ", ".$translationof : '')).")";
|
||||
$resql = $db->query($sql);
|
||||
if ($resql) {
|
||||
$num_rows = $db->num_rows($resql);
|
||||
|
||||
@@ -55,18 +55,18 @@ function check_user_password_dolibarr($usertotest, $passwordtotest, $entitytotes
|
||||
$usernamecol2 = 'email';
|
||||
$entitycol = 'entity';
|
||||
|
||||
$sql = 'SELECT rowid, login, entity, pass, pass_crypted, datestartvalidity, dateendvalidity';
|
||||
$sql .= ' FROM '.$table;
|
||||
$sql .= ' WHERE ('.$usernamecol1." = '".$db->escape($usertotest)."'";
|
||||
$sql = "SELECT rowid, login, entity, pass, pass_crypted, datestartvalidity, dateendvalidity";
|
||||
$sql .= " FROM ".$table;
|
||||
$sql .= " WHERE (".$usernamecol1." = '".$db->escape($usertotest)."'";
|
||||
if (preg_match('/@/', $usertotest)) {
|
||||
$sql .= ' OR '.$usernamecol2." = '".$db->escape($usertotest)."'";
|
||||
$sql .= " OR ".$usernamecol2." = '".$db->escape($usertotest)."'";
|
||||
}
|
||||
$sql .= ') AND '.$entitycol." IN (0,".($entity ? $entity : 1).")";
|
||||
$sql .= ' AND statut = 1';
|
||||
$sql .= ") AND ".$entitycol." IN (0,".($entity ? ((int) $entity) : 1).")";
|
||||
$sql .= " AND statut = 1";
|
||||
// Note: Test on validity is done later
|
||||
// Required to firstly found the user into entity, then the superadmin.
|
||||
// For the case (TODO we must avoid that) a user has renamed its login with same value than a user in entity 0.
|
||||
$sql .= ' ORDER BY entity DESC';
|
||||
// Order is required to firstly found the user into entity, then the superadmin.
|
||||
// For the case (TODO: we must avoid that) a user has renamed its login with same value than a user in entity 0.
|
||||
$sql .= " ORDER BY entity DESC";
|
||||
|
||||
$resql = $db->query($sql);
|
||||
if ($resql) {
|
||||
|
||||
@@ -720,7 +720,7 @@ class ImportCsv extends ModeleImports
|
||||
}
|
||||
if ($val == 'user->id') {
|
||||
$listfields[] = preg_replace('/^'.preg_quote($alias, '/').'\./', '', $key);
|
||||
$listvalues[] = $user->id;
|
||||
$listvalues[] = ((int) $user->id);
|
||||
} elseif (preg_match('/^lastrowid-/', $val)) {
|
||||
$tmp = explode('-', $val);
|
||||
$lastinsertid = (isset($last_insert_id_array[$tmp[1]])) ? $last_insert_id_array[$tmp[1]] : 0;
|
||||
@@ -731,7 +731,7 @@ class ImportCsv extends ModeleImports
|
||||
} elseif (preg_match('/^const-/', $val)) {
|
||||
$tmp = explode('-', $val, 2);
|
||||
$listfields[] = preg_replace('/^'.preg_quote($alias, '/').'\./', '', $key);
|
||||
$listvalues[] = "'".$tmp[1]."'";
|
||||
$listvalues[] = "'".$this->db->escape($tmp[1])."'";
|
||||
} else {
|
||||
$this->errors[$error]['lib'] = 'Bad value of profile setup '.$val.' for array_import_fieldshidden';
|
||||
$this->errors[$error]['type'] = 'Import profile setup';
|
||||
@@ -753,7 +753,7 @@ class ImportCsv extends ModeleImports
|
||||
// We do SELECT to get the rowid, if we already have the rowid, it's to be used below for related tables (extrafields)
|
||||
|
||||
if (empty($lastinsertid)) { // No insert done yet for a parent table
|
||||
$sqlSelect = 'SELECT rowid FROM '.$tablename;
|
||||
$sqlSelect = "SELECT rowid FROM ".$tablename;
|
||||
|
||||
$data = array_combine($listfields, $listvalues);
|
||||
$where = array();
|
||||
@@ -764,7 +764,7 @@ class ImportCsv extends ModeleImports
|
||||
$where[] = $key.' = '.$data[$key];
|
||||
$filters[] = $col.' = '.$data[$key];
|
||||
}
|
||||
$sqlSelect .= ' WHERE '.implode(' AND ', $where);
|
||||
$sqlSelect .= " WHERE ".implode(' AND ', $where);
|
||||
|
||||
$resql = $this->db->query($sqlSelect);
|
||||
if ($resql) {
|
||||
@@ -791,12 +791,12 @@ class ImportCsv extends ModeleImports
|
||||
// a direct insert into subtable extrafields, but when me wake an update, the insertid is defined and the child record
|
||||
// may already exists. So we rescan the extrafield table to know if record exists or not for the rowid.
|
||||
// Note: For extrafield tablename, we have in importfieldshidden_array an enty 'extra.fk_object'=>'lastrowid-tableparent' so $keyfield is 'fk_object'
|
||||
$sqlSelect = 'SELECT rowid FROM '.$tablename;
|
||||
$sqlSelect = "SELECT rowid FROM ".$tablename;
|
||||
|
||||
if (empty($keyfield)) {
|
||||
$keyfield = 'rowid';
|
||||
}
|
||||
$sqlSelect .= ' WHERE '.$keyfield.' = '.((int) $lastinsertid);
|
||||
$sqlSelect .= " WHERE ".$keyfield.' = '.((int) $lastinsertid);
|
||||
|
||||
$resql = $this->db->query($sqlSelect);
|
||||
if ($resql) {
|
||||
@@ -818,19 +818,19 @@ class ImportCsv extends ModeleImports
|
||||
|
||||
if (!empty($lastinsertid)) {
|
||||
// Build SQL UPDATE request
|
||||
$sqlstart = 'UPDATE '.$tablename;
|
||||
$sqlstart = "UPDATE ".$tablename;
|
||||
|
||||
$data = array_combine($listfields, $listvalues);
|
||||
$set = array();
|
||||
foreach ($data as $key => $val) {
|
||||
$set[] = $key.' = '.$val;
|
||||
$set[] = $key." = ".$val;
|
||||
}
|
||||
$sqlstart .= ' SET '.implode(', ', $set);
|
||||
$sqlstart .= " SET ".implode(', ', $set);
|
||||
|
||||
if (empty($keyfield)) {
|
||||
$keyfield = 'rowid';
|
||||
}
|
||||
$sqlend = ' WHERE '.$keyfield.' = '.((int) $lastinsertid);
|
||||
$sqlend = " WHERE ".$keyfield." = ".((int) $lastinsertid);
|
||||
|
||||
$sql = $sqlstart.$sqlend;
|
||||
|
||||
@@ -851,17 +851,17 @@ class ImportCsv extends ModeleImports
|
||||
// Update not done, we do insert
|
||||
if (!$error && !$updatedone) {
|
||||
// Build SQL INSERT request
|
||||
$sqlstart = 'INSERT INTO '.$tablename.'('.implode(', ', $listfields).', import_key';
|
||||
$sqlend = ') VALUES('.implode(', ', $listvalues).", '".$this->db->escape($importid)."'";
|
||||
$sqlstart = "INSERT INTO ".$tablename."(".implode(", ", $listfields).", import_key";
|
||||
$sqlend = ") VALUES(".implode(', ', $listvalues).", '".$this->db->escape($importid)."'";
|
||||
if (!empty($tablewithentity_cache[$tablename])) {
|
||||
$sqlstart .= ', entity';
|
||||
$sqlend .= ', '.$conf->entity;
|
||||
$sqlstart .= ", entity";
|
||||
$sqlend .= ", ".$conf->entity;
|
||||
}
|
||||
if (!empty($objimport->array_import_tables_creator[0][$alias])) {
|
||||
$sqlstart .= ', '.$objimport->array_import_tables_creator[0][$alias];
|
||||
$sqlend .= ', '.$user->id;
|
||||
$sqlstart .= ", ".$objimport->array_import_tables_creator[0][$alias];
|
||||
$sqlend .= ", ".$user->id;
|
||||
}
|
||||
$sql = $sqlstart.$sqlend.')';
|
||||
$sql = $sqlstart.$sqlend.")";
|
||||
//dol_syslog("import_csv.modules", LOG_DEBUG);
|
||||
|
||||
// Run insert request
|
||||
|
||||
@@ -761,7 +761,7 @@ class ImportXlsx extends ModeleImports
|
||||
}
|
||||
if ($val == 'user->id') {
|
||||
$listfields[] = preg_replace('/^' . preg_quote($alias, '/') . '\./', '', $key);
|
||||
$listvalues[] = $user->id;
|
||||
$listvalues[] = ((int) $user->id);
|
||||
} elseif (preg_match('/^lastrowid-/', $val)) {
|
||||
$tmp = explode('-', $val);
|
||||
$lastinsertid = (isset($last_insert_id_array[$tmp[1]])) ? $last_insert_id_array[$tmp[1]] : 0;
|
||||
@@ -772,7 +772,7 @@ class ImportXlsx extends ModeleImports
|
||||
} elseif (preg_match('/^const-/', $val)) {
|
||||
$tmp = explode('-', $val, 2);
|
||||
$listfields[] = preg_replace('/^' . preg_quote($alias, '/') . '\./', '', $key);
|
||||
$listvalues[] = "'" . $tmp[1] . "'";
|
||||
$listvalues[] = "'" . $this->db->escape($tmp[1]) . "'";
|
||||
} else {
|
||||
$this->errors[$error]['lib'] = 'Bad value of profile setup ' . $val . ' for array_import_fieldshidden';
|
||||
$this->errors[$error]['type'] = 'Import profile setup';
|
||||
@@ -793,7 +793,7 @@ class ImportXlsx extends ModeleImports
|
||||
// We do SELECT to get the rowid, if we already have the rowid, it's to be used below for related tables (extrafields)
|
||||
|
||||
if (empty($lastinsertid)) { // No insert done yet for a parent table
|
||||
$sqlSelect = 'SELECT rowid FROM ' . $tablename;
|
||||
$sqlSelect = "SELECT rowid FROM " . $tablename;
|
||||
|
||||
$data = array_combine($listfields, $listvalues);
|
||||
$where = array();
|
||||
@@ -804,7 +804,7 @@ class ImportXlsx extends ModeleImports
|
||||
$where[] = $key . ' = ' . $data[$key];
|
||||
$filters[] = $col . ' = ' . $data[$key];
|
||||
}
|
||||
$sqlSelect .= ' WHERE ' . implode(' AND ', $where);
|
||||
$sqlSelect .= " WHERE " . implode(' AND ', $where);
|
||||
|
||||
$resql = $this->db->query($sqlSelect);
|
||||
if ($resql) {
|
||||
@@ -831,12 +831,12 @@ class ImportXlsx extends ModeleImports
|
||||
// a direct insert into subtable extrafields, but when me wake an update, the insertid is defined and the child record
|
||||
// may already exists. So we rescan the extrafield table to know if record exists or not for the rowid.
|
||||
// Note: For extrafield tablename, we have in importfieldshidden_array an enty 'extra.fk_object'=>'lastrowid-tableparent' so $keyfield is 'fk_object'
|
||||
$sqlSelect = 'SELECT rowid FROM ' . $tablename;
|
||||
$sqlSelect = "SELECT rowid FROM " . $tablename;
|
||||
|
||||
if (empty($keyfield)) {
|
||||
$keyfield = 'rowid';
|
||||
}
|
||||
$sqlSelect .= ' WHERE ' . $keyfield . ' = ' .((int) $lastinsertid);
|
||||
$sqlSelect .= "WHERE " . $keyfield . " = " .((int) $lastinsertid);
|
||||
|
||||
$resql = $this->db->query($sqlSelect);
|
||||
if ($resql) {
|
||||
@@ -858,19 +858,19 @@ class ImportXlsx extends ModeleImports
|
||||
|
||||
if (!empty($lastinsertid)) {
|
||||
// Build SQL UPDATE request
|
||||
$sqlstart = 'UPDATE ' . $tablename;
|
||||
$sqlstart = "UPDATE " . $tablename;
|
||||
|
||||
$data = array_combine($listfields, $listvalues);
|
||||
$set = array();
|
||||
foreach ($data as $key => $val) {
|
||||
$set[] = $key . ' = ' . $val;
|
||||
}
|
||||
$sqlstart .= ' SET ' . implode(', ', $set);
|
||||
$sqlstart .= " SET " . implode(', ', $set);
|
||||
|
||||
if (empty($keyfield)) {
|
||||
$keyfield = 'rowid';
|
||||
}
|
||||
$sqlend = ' WHERE ' . $keyfield . ' = '.((int) $lastinsertid);
|
||||
$sqlend = " WHERE " . $keyfield . " = ".((int) $lastinsertid);
|
||||
|
||||
$sql = $sqlstart . $sqlend;
|
||||
|
||||
@@ -891,17 +891,17 @@ class ImportXlsx extends ModeleImports
|
||||
// Update not done, we do insert
|
||||
if (!$error && !$updatedone) {
|
||||
// Build SQL INSERT request
|
||||
$sqlstart = 'INSERT INTO ' . $tablename . '(' . implode(', ', $listfields) . ', import_key';
|
||||
$sqlend = ') VALUES(' . implode(', ', $listvalues) . ", '" . $this->db->escape($importid) . "'";
|
||||
$sqlstart = "INSERT INTO " . $tablename . "(" . implode(", ", $listfields) . ", import_key";
|
||||
$sqlend = ") VALUES(" . implode(', ', $listvalues) . ", '" . $this->db->escape($importid) . "'";
|
||||
if (!empty($tablewithentity_cache[$tablename])) {
|
||||
$sqlstart .= ', entity';
|
||||
$sqlend .= ', ' . $conf->entity;
|
||||
$sqlstart .= ", entity";
|
||||
$sqlend .= ", " . $conf->entity;
|
||||
}
|
||||
if (!empty($objimport->array_import_tables_creator[0][$alias])) {
|
||||
$sqlstart .= ', ' . $objimport->array_import_tables_creator[0][$alias];
|
||||
$sqlend .= ', ' . $user->id;
|
||||
$sqlstart .= ", " . $objimport->array_import_tables_creator[0][$alias];
|
||||
$sqlend .= ", " . $user->id;
|
||||
}
|
||||
$sql = $sqlstart . $sqlend . ')';
|
||||
$sql = $sqlstart . $sqlend . ")";
|
||||
//dol_syslog("import_xlsx.modules", LOG_DEBUG);
|
||||
|
||||
// Run insert request
|
||||
|
||||
@@ -184,7 +184,7 @@ class MailingTargets // This can't be abstract as it is used for some method
|
||||
$sql .= "'".$this->db->escape($targetarray['other'])."',";
|
||||
$sql .= "'".$this->db->escape($targetarray['source_url'])."',";
|
||||
$sql .= (empty($targetarray['source_id']) ? 'null' : "'".$this->db->escape($targetarray['source_id'])."'").",";
|
||||
$sql .= "'".$this->db->escape(dol_hash($dolibarr_main_instance_unique_id.';'.$targetarray['email'].';'.$targetarray['lastname'].';'.$mailing_id.';'.$conf->global->MAILING_EMAIL_UNSUBSCRIBE_KEY, 'md5'))."',";
|
||||
$sql .= "'".$this->db->escape(dol_hash($dolibarr_main_instance_unique_id.";".$targetarray['email'].";".$targetarray['lastname'].";".$mailing_id.";".$conf->global->MAILING_EMAIL_UNSUBSCRIBE_KEY, 'md5'))."',";
|
||||
$sql .= "'".$this->db->escape($targetarray['source_type'])."')";
|
||||
dol_syslog(__METHOD__, LOG_DEBUG);
|
||||
$result = $this->db->query($sql);
|
||||
|
||||
@@ -309,7 +309,7 @@ class printing_printipp extends PrintingDriver
|
||||
$ipp->setAuthentication($this->user, $this->password);
|
||||
}
|
||||
// select printer uri for module order, propal,...
|
||||
$sql = 'SELECT rowid,printer_uri,printer_name FROM '.MAIN_DB_PREFIX.'printer_ipp WHERE module="'.$module.'"';
|
||||
$sql = "SELECT rowid,printer_uri,printer_name FROM ".MAIN_DB_PREFIX."printer_ipp WHERE module = '".$this->db->escape($module)."'";
|
||||
$result = $this->db->query($sql);
|
||||
if ($result) {
|
||||
$obj = $this->db->fetch_object($result);
|
||||
|
||||
@@ -33,11 +33,11 @@ if (!empty($extrafieldsobjectkey) && !empty($search_array_options) && is_array($
|
||||
$sql .= " AND ".$extrafieldsobjectprefix.$tmpkey." = '".$db->idate($crit)."'";
|
||||
} elseif (is_array($crit)) {
|
||||
if ($crit['start'] !== '' && $crit['end'] !== '') {
|
||||
$sql .= ' AND ('.$extrafieldsobjectprefix.$tmpkey." BETWEEN '". $db->idate($crit['start']). "' AND '".$db->idate($crit['end']) . "')";
|
||||
$sql .= " AND (".$extrafieldsobjectprefix.$tmpkey." BETWEEN '". $db->idate($crit['start']). "' AND '".$db->idate($crit['end']) . "')";
|
||||
} elseif ($crit['start'] !== '') {
|
||||
$sql .= ' AND ('.$extrafieldsobjectprefix.$tmpkey." >= '". $db->idate($crit['start'])."')";
|
||||
$sql .= " AND (".$extrafieldsobjectprefix.$tmpkey." >= '". $db->idate($crit['start'])."')";
|
||||
} elseif ($crit['end'] !== '') {
|
||||
$sql .= ' AND ('.$extrafieldsobjectprefix.$tmpkey." <= '". $db->idate($crit['end'])."')";
|
||||
$sql .= " AND (".$extrafieldsobjectprefix.$tmpkey." <= '". $db->idate($crit['end'])."')";
|
||||
}
|
||||
}
|
||||
} elseif (in_array($typ, array('boolean'))) {
|
||||
|
||||
@@ -557,9 +557,9 @@ class Cronjob extends CommonObject
|
||||
if (is_array($filter) && count($filter) > 0) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if ($key == 't.rowid') {
|
||||
$sql .= ' AND '.$key.' = '.((int) $value);
|
||||
$sql .= " AND ".$key." = ".((int) $value);
|
||||
} else {
|
||||
$sql .= ' AND '.$key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
$sql .= " AND ".$key." LIKE '%".$this->db->escape($value)."%'";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -278,12 +278,12 @@ if ($search_lastresult != '') {
|
||||
//Manage filter
|
||||
if (is_array($filter) && count($filter) > 0) {
|
||||
foreach ($filter as $key => $value) {
|
||||
$sql .= ' AND '.$key.' LIKE \'%'.$db->escape($value).'%\'';
|
||||
$sql .= " AND ".$key." LIKE '%".$db->escape($value)."%'";
|
||||
}
|
||||
}
|
||||
$sqlwhere = array();
|
||||
if (!empty($search_module_name)) {
|
||||
$sqlwhere[] = '(t.module_name='.$db->escape($search_module_name).')';
|
||||
$sqlwhere[] = "(t.module_name = '".$db->escape($search_module_name)."')";
|
||||
}
|
||||
if (count($sqlwhere) > 0) {
|
||||
$sql .= " WHERE ".implode(' AND ', $sqlwhere);
|
||||
|
||||
@@ -83,7 +83,7 @@ class CdavLib
|
||||
WHERE ar.element_type=\'user\' AND fk_actioncomm=a.id) AS other_users
|
||||
FROM '.MAIN_DB_PREFIX.'actioncomm AS a';
|
||||
if (!$this->user->rights->societe->client->voir) { //FIXME si 'voir' on voit plus de chose ?
|
||||
$sql .= ' LEFT OUTER JOIN '.MAIN_DB_PREFIX.'societe_commerciaux AS sc ON (a.fk_soc = sc.fk_soc AND sc.fk_user='.$this->user->id.')
|
||||
$sql .= ' LEFT OUTER JOIN '.MAIN_DB_PREFIX.'societe_commerciaux AS sc ON (a.fk_soc = sc.fk_soc AND sc.fk_user='.((int) $this->user->id).')
|
||||
LEFT JOIN '.MAIN_DB_PREFIX.'societe AS s ON (s.rowid = sc.fk_soc)
|
||||
LEFT JOIN '.MAIN_DB_PREFIX.'socpeople AS sp ON (sp.fk_soc = sc.fk_soc AND sp.rowid = a.fk_contact)
|
||||
LEFT JOIN '.MAIN_DB_PREFIX.'actioncomm_cdav AS ac ON (a.id = ac.fk_object)';
|
||||
@@ -95,7 +95,7 @@ class CdavLib
|
||||
|
||||
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as co ON co.rowid = sp.fk_pays
|
||||
LEFT JOIN '.MAIN_DB_PREFIX.'c_country as cos ON cos.rowid = s.fk_pays
|
||||
WHERE a.id IN (SELECT ar.fk_actioncomm FROM '.MAIN_DB_PREFIX.'actioncomm_resources ar WHERE ar.element_type=\'user\' AND ar.fk_element='.intval($calid).')
|
||||
WHERE a.id IN (SELECT ar.fk_actioncomm FROM '.MAIN_DB_PREFIX.'actioncomm_resources ar WHERE ar.element_type=\'user\' AND ar.fk_element='.((int) $calid).')
|
||||
AND a.code IN (SELECT cac.code FROM '.MAIN_DB_PREFIX.'c_actioncomm cac WHERE cac.type<>\'systemauto\')
|
||||
AND a.entity IN ('.getEntity('societe', 1).')';
|
||||
if ($oid !== false) {
|
||||
|
||||
@@ -303,17 +303,17 @@ class EcmFiles extends CommonObject
|
||||
$sql .= " '".$this->db->escape($ref)."', ";
|
||||
$sql .= ' '.(!isset($this->label) ? 'NULL' : "'".$this->db->escape($this->label)."'").',';
|
||||
$sql .= ' '.(!isset($this->share) ? 'NULL' : "'".$this->db->escape($this->share)."'").',';
|
||||
$sql .= ' '.$this->entity.',';
|
||||
$sql .= ' '.((int) $this->entity).',';
|
||||
$sql .= ' '.(!isset($this->filename) ? 'NULL' : "'".$this->db->escape($this->filename)."'").',';
|
||||
$sql .= ' '.(!isset($this->filepath) ? 'NULL' : "'".$this->db->escape($this->filepath)."'").',';
|
||||
$sql .= ' '.(!isset($this->fullpath_orig) ? 'NULL' : "'".$this->db->escape($this->fullpath_orig)."'").',';
|
||||
$sql .= ' '.(!isset($this->description) ? 'NULL' : "'".$this->db->escape($this->description)."'").',';
|
||||
$sql .= ' '.(!isset($this->keywords) ? 'NULL' : "'".$this->db->escape($this->keywords)."'").',';
|
||||
$sql .= ' '.(!isset($this->cover) ? 'NULL' : "'".$this->db->escape($this->cover)."'").',';
|
||||
$sql .= ' '.$maxposition.',';
|
||||
$sql .= ' '.((int) $maxposition).',';
|
||||
$sql .= ' '.(!isset($this->gen_or_uploaded) ? 'NULL' : "'".$this->db->escape($this->gen_or_uploaded)."'").',';
|
||||
$sql .= ' '.(!isset($this->extraparams) ? 'NULL' : "'".$this->db->escape($this->extraparams)."'").',';
|
||||
$sql .= ' '."'".$this->db->idate($this->date_c)."'".',';
|
||||
$sql .= " '".$this->db->idate($this->date_c)."',";
|
||||
$sql .= ' '.(!isset($this->date_m) || dol_strlen($this->date_m) == 0 ? 'NULL' : "'".$this->db->idate($this->date_m)."'").',';
|
||||
$sql .= ' '.(!isset($this->fk_user_c) ? $user->id : $this->fk_user_c).',';
|
||||
$sql .= ' '.(!isset($this->fk_user_m) ? 'NULL' : $this->fk_user_m).',';
|
||||
@@ -530,9 +530,9 @@ class EcmFiles extends CommonObject
|
||||
if (count($filter) > 0) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if ($key == 't.src_object_id') {
|
||||
$sqlwhere[] = $key.' = '.((int) $value);
|
||||
$sqlwhere[] = $key." = ".((int) $value);
|
||||
} else {
|
||||
$sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
$sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'";
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -664,7 +664,7 @@ class EcmFiles extends CommonObject
|
||||
|
||||
// Update request
|
||||
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element.' SET';
|
||||
$sql .= " ref = '".dol_hash($this->filepath.'/'.$this->filename, 3)."',";
|
||||
$sql .= " ref = '".$this->db->escape(dol_hash($this->filepath."/".$this->filename, 3))."',";
|
||||
$sql .= ' label = '.(isset($this->label) ? "'".$this->db->escape($this->label)."'" : "null").',';
|
||||
$sql .= ' share = '.(!empty($this->share) ? "'".$this->db->escape($this->share)."'" : "null").',';
|
||||
$sql .= ' entity = '.(isset($this->entity) ? $this->entity : $conf->entity).',';
|
||||
|
||||
@@ -293,15 +293,15 @@ class ConferenceOrBooth extends ActionComm
|
||||
if (count($filter) > 0) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if ($key == 't.id' || $key == 't.fk_project' || $key == 't.fk_soc' || $key == 't.fk_action') {
|
||||
$sqlwhere[] = $key.'='.$value;
|
||||
$sqlwhere[] = $key." = ".((int) $value);
|
||||
} elseif (in_array($this->fields[$key]['type'], array('date', 'datetime', 'timestamp'))) {
|
||||
$sqlwhere[] = $key.' = \''.$this->db->idate($value).'\'';
|
||||
$sqlwhere[] = $key." = '".$this->db->idate($value)."'";
|
||||
} elseif ($key == 'customsql') {
|
||||
$sqlwhere[] = $value;
|
||||
} elseif (strpos($value, '%') === false) {
|
||||
$sqlwhere[] = $key.' IN ('.$this->db->sanitize($this->db->escape($value)).')';
|
||||
} else {
|
||||
$sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
$sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -422,7 +422,7 @@ class ConferenceOrBoothAttendee extends CommonObject
|
||||
} elseif (strpos($value, '%') === false) {
|
||||
$sqlwhere[] = $key.' IN ('.$this->db->sanitize($this->db->escape($value)).')';
|
||||
} else {
|
||||
$sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
$sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -472,7 +472,7 @@ if ($object->ismultientitymanaged == 1) {
|
||||
$sql .= " WHERE 1 = 1";
|
||||
}
|
||||
if ($projectid > 0) {
|
||||
$sql .= ' AND t.fk_project='.$project->id;
|
||||
$sql .= " AND t.fk_project = ".((int) $project->id);
|
||||
}
|
||||
foreach ($search as $key => $val) {
|
||||
if (array_key_exists($key, $object->fields)) {
|
||||
|
||||
@@ -973,7 +973,7 @@ class ExpenseReport extends CommonObject
|
||||
{
|
||||
$sql = 'SELECT tt.total_ht, tt.total_ttc, tt.total_tva';
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element_line.' as tt';
|
||||
$sql .= ' WHERE tt.'.$this->fk_element.' = '.((int) $id);
|
||||
$sql .= " WHERE tt.".$this->fk_element.' = '.((int) $id);
|
||||
|
||||
$total_ht = 0; $total_tva = 0; $total_ttc = 0;
|
||||
|
||||
@@ -981,18 +981,18 @@ class ExpenseReport extends CommonObject
|
||||
if ($result) {
|
||||
$num = $this->db->num_rows($result);
|
||||
$i = 0;
|
||||
while ($i < $num) :
|
||||
while ($i < $num) {
|
||||
$objp = $this->db->fetch_object($result);
|
||||
$total_ht += $objp->total_ht;
|
||||
$total_tva += $objp->total_tva;
|
||||
$i++;
|
||||
endwhile;
|
||||
}
|
||||
|
||||
$total_ttc = $total_ht + $total_tva;
|
||||
$sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element." SET";
|
||||
$sql .= " total_ht = ".price2num($total_ht, 'MT');
|
||||
$sql .= " , total_ttc = ".price2num($total_ttc, 'MT');
|
||||
$sql .= " , total_tva = ".price2num($total_tva, 'MT');
|
||||
$sql .= " total_ht = ".((float) price2num($total_ht, 'MT'));
|
||||
$sql .= " , total_ttc = ".((float) price2num($total_ttc, 'MT'));
|
||||
$sql .= " , total_tva = ".((float) price2num($total_tva, 'MT'));
|
||||
$sql .= " WHERE rowid = ".((int) $id);
|
||||
$result = $this->db->query($sql);
|
||||
if ($result) :
|
||||
@@ -1024,14 +1024,14 @@ class ExpenseReport extends CommonObject
|
||||
$this->lines = array();
|
||||
|
||||
$sql = ' SELECT de.rowid, de.comments, de.qty, de.value_unit, de.date, de.rang,';
|
||||
$sql .= ' de.'.$this->fk_element.', de.fk_c_type_fees, de.fk_c_exp_tax_cat, de.fk_projet as fk_project, de.tva_tx, de.fk_ecm_files,';
|
||||
$sql .= " de.".$this->fk_element.", de.fk_c_type_fees, de.fk_c_exp_tax_cat, de.fk_projet as fk_project, de.tva_tx, de.fk_ecm_files,";
|
||||
$sql .= ' de.total_ht, de.total_tva, de.total_ttc,';
|
||||
$sql .= ' ctf.code as code_type_fees, ctf.label as libelle_type_fees,';
|
||||
$sql .= ' p.ref as ref_projet, p.title as title_projet';
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element_line.' as de';
|
||||
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_type_fees as ctf ON de.fk_c_type_fees = ctf.id';
|
||||
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'projet as p ON de.fk_projet = p.rowid';
|
||||
$sql .= ' WHERE de.'.$this->fk_element.' = '.((int) $this->id);
|
||||
$sql .= " WHERE de.".$this->fk_element." = ".((int) $this->id);
|
||||
if (!empty($conf->global->EXPENSEREPORT_LINES_SORTED_BY_ROWID)) {
|
||||
$sql .= ' ORDER BY de.rang ASC, de.rowid ASC';
|
||||
} else {
|
||||
@@ -2025,12 +2025,12 @@ class ExpenseReport extends CommonObject
|
||||
public function offsetAlreadyGiven()
|
||||
{
|
||||
$sql = 'SELECT e.rowid FROM '.MAIN_DB_PREFIX.'expensereport e';
|
||||
$sql .= ' INNER JOIN '.MAIN_DB_PREFIX.'expensereport_det d ON (e.rowid = d.fk_expensereport)';
|
||||
$sql .= ' INNER JOIN '.MAIN_DB_PREFIX.'c_type_fees f ON (d.fk_c_type_fees = f.id AND f.code = "EX_KME")';
|
||||
$sql .= ' WHERE e.fk_user_author = '.(int) $this->fk_user_author;
|
||||
$sql .= ' AND YEAR(d.date) = "'.dol_print_date($this->line->date, '%Y').'" AND MONTH(d.date) = "'.dol_print_date($this->line->date, '%m').'"';
|
||||
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."expensereport_det d ON (e.rowid = d.fk_expensereport)";
|
||||
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."c_type_fees f ON (d.fk_c_type_fees = f.id AND f.code = 'EX_KME')";
|
||||
$sql .= " WHERE e.fk_user_author = ".(int) $this->fk_user_author;
|
||||
$sql .= " AND YEAR(d.date) = '".dol_print_date($this->line->date, '%Y')."' AND MONTH(d.date) = '".dol_print_date($this->line->date, '%m')."'";
|
||||
if (!empty($this->line->id)) {
|
||||
$sql .= ' AND d.rowid <> '.$this->line->id;
|
||||
$sql .= ' AND d.rowid <> '.((int) $this->line->id);
|
||||
}
|
||||
|
||||
dol_syslog(get_class($this)."::offsetAlreadyGiven sql=".$sql);
|
||||
|
||||
@@ -157,7 +157,7 @@ class ExpenseReportRule extends CoreObject
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.'expensereport_rules er';
|
||||
$sql .= ' WHERE er.entity IN (0,'.getEntity('').')';
|
||||
if (!empty($fk_c_type_fees)) {
|
||||
$sql .= ' AND er.fk_c_type_fees IN (-1, '.$fk_c_type_fees.')';
|
||||
$sql .= ' AND er.fk_c_type_fees IN (-1, '.((int) $fk_c_type_fees).')';
|
||||
}
|
||||
if (!empty($date)) {
|
||||
$sql .= " AND er.dates <= '".dol_print_date($date, '%Y-%m-%d')."'";
|
||||
@@ -170,7 +170,7 @@ class ExpenseReportRule extends CoreObject
|
||||
}
|
||||
$sql .= ' ORDER BY er.is_for_all, er.fk_usergroup, er.fk_user';
|
||||
|
||||
dol_syslog("ExpenseReportRule::getAllRule sql=".$sql);
|
||||
dol_syslog("ExpenseReportRule::getAllRule");
|
||||
|
||||
$resql = $db->query($sql);
|
||||
if ($resql) {
|
||||
|
||||
@@ -94,7 +94,7 @@ class ExpenseReportStats extends Stats
|
||||
*/
|
||||
public function getNbByYear()
|
||||
{
|
||||
$sql = "SELECT YEAR(".$this->db->ifsql('e.'.$this->datetouse.' IS NULL', 'e.date_create', 'e.'.$this->datetouse).") as dm, count(*)";
|
||||
$sql = "SELECT YEAR(".$this->db->ifsql("e.".$this->datetouse." IS NULL", "e.date_create", "e.".$this->datetouse).") as dm, count(*)";
|
||||
$sql .= " FROM ".$this->from;
|
||||
$sql .= " GROUP BY dm DESC";
|
||||
$sql .= " WHERE ".$this->where;
|
||||
@@ -112,7 +112,7 @@ class ExpenseReportStats extends Stats
|
||||
*/
|
||||
public function getNbByMonth($year, $format = 0)
|
||||
{
|
||||
$sql = "SELECT MONTH(".$this->db->ifsql('e.'.$this->datetouse.' IS NULL', 'e.date_create', 'e.'.$this->datetouse).") as dm, count(*)";
|
||||
$sql = "SELECT MONTH(".$this->db->ifsql("e.".$this->datetouse." IS NULL", "e.date_create", "e.".$this->datetouse).") as dm, count(*)";
|
||||
$sql .= " FROM ".$this->from;
|
||||
$sql .= " WHERE YEAR(e.".$this->datetouse.") = ".((int) $year);
|
||||
$sql .= " AND ".$this->where;
|
||||
@@ -134,9 +134,9 @@ class ExpenseReportStats extends Stats
|
||||
*/
|
||||
public function getAmountByMonth($year, $format = 0)
|
||||
{
|
||||
$sql = "SELECT date_format(".$this->db->ifsql('e.'.$this->datetouse.' IS NULL', 'e.date_create', 'e.'.$this->datetouse).",'%m') as dm, sum(".$this->field.")";
|
||||
$sql = "SELECT date_format(".$this->db->ifsql("e.".$this->datetouse." IS NULL", "e.date_create", "e.".$this->datetouse).",'%m') as dm, sum(".$this->field.")";
|
||||
$sql .= " FROM ".$this->from;
|
||||
$sql .= " WHERE date_format(".$this->db->ifsql('e.'.$this->datetouse.' IS NULL', 'e.date_create', 'e.'.$this->datetouse).",'%Y') = '".$this->db->escape($year)."'";
|
||||
$sql .= " WHERE date_format(".$this->db->ifsql("e.".$this->datetouse." IS NULL", "e.date_create", "e.".$this->datetouse).",'%Y') = '".$this->db->escape($year)."'";
|
||||
$sql .= " AND ".$this->where;
|
||||
$sql .= " GROUP BY dm";
|
||||
$sql .= $this->db->order('dm', 'DESC');
|
||||
@@ -154,9 +154,9 @@ class ExpenseReportStats extends Stats
|
||||
*/
|
||||
public function getAverageByMonth($year)
|
||||
{
|
||||
$sql = "SELECT date_format(".$this->db->ifsql('e.'.$this->datetouse.' IS NULL', 'e.date_create', 'e.'.$this->datetouse).",'%m') as dm, avg(".$this->field.")";
|
||||
$sql = "SELECT date_format(".$this->db->ifsql("e.".$this->datetouse." IS NULL", "e.date_create", "e.".$this->datetouse).",'%m') as dm, avg(".$this->field.")";
|
||||
$sql .= " FROM ".$this->from;
|
||||
$sql .= " WHERE date_format(".$this->db->ifsql('e.'.$this->datetouse.' IS NULL', 'e.date_create', 'e.'.$this->datetouse).",'%Y') = '".$this->db->escape($year)."'";
|
||||
$sql .= " WHERE date_format(".$this->db->ifsql("e.".$this->datetouse." IS NULL", "e.date_create", "e.".$this->datetouse).",'%Y') = '".$this->db->escape($year)."'";
|
||||
$sql .= " AND ".$this->where;
|
||||
$sql .= " GROUP BY dm";
|
||||
$sql .= $this->db->order('dm', 'DESC');
|
||||
@@ -171,7 +171,7 @@ class ExpenseReportStats extends Stats
|
||||
*/
|
||||
public function getAllByYear()
|
||||
{
|
||||
$sql = "SELECT date_format(".$this->db->ifsql('e.'.$this->datetouse.' IS NULL', 'e.date_create', 'e.'.$this->datetouse).",'%Y') as year, count(*) as nb, sum(".$this->field.") as total, avg(".$this->field.") as avg";
|
||||
$sql = "SELECT date_format(".$this->db->ifsql("e.".$this->datetouse." IS NULL", "e.date_create", "e.".$this->datetouse).",'%Y') as year, count(*) as nb, sum(".$this->field.") as total, avg(".$this->field.") as avg";
|
||||
$sql .= " FROM ".$this->from;
|
||||
$sql .= " WHERE ".$this->where;
|
||||
$sql .= " GROUP BY year";
|
||||
|
||||
@@ -455,14 +455,14 @@ class Export
|
||||
} else {
|
||||
$keyList = 'rowid';
|
||||
}
|
||||
$sql = 'SELECT '.$keyList.' as rowid, '.$InfoFieldList[2].' as label'.(empty($InfoFieldList[3]) ? '' : ', '.$InfoFieldList[3].' as code');
|
||||
$sql = "SELECT ".$keyList." as rowid, ".$InfoFieldList[2]." as label".(empty($InfoFieldList[3]) ? "" : ", ".$InfoFieldList[3]." as code");
|
||||
if ($InfoFieldList[1] == 'c_stcomm') {
|
||||
$sql = 'SELECT id as id, '.$keyList.' as rowid, '.$InfoFieldList[2].' as label'.(empty($InfoFieldList[3]) ? '' : ', '.$InfoFieldList[3].' as code');
|
||||
$sql = "SELECT id as id, ".$keyList." as rowid, ".$InfoFieldList[2]." as label".(empty($InfoFieldList[3]) ? "" : ", ".$InfoFieldList[3].' as code');
|
||||
}
|
||||
if ($InfoFieldList[1] == 'c_country') {
|
||||
$sql = 'SELECT '.$keyList.' as rowid, '.$InfoFieldList[2].' as label, code as code';
|
||||
$sql = "SELECT ".$keyList." as rowid, ".$InfoFieldList[2]." as label, code as code";
|
||||
}
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$InfoFieldList[1];
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$InfoFieldList[1];
|
||||
if (!empty($InfoFieldList[4])) {
|
||||
$sql .= ' WHERE entity IN ('.getEntity($InfoFieldList[4]).')';
|
||||
}
|
||||
|
||||
@@ -1481,7 +1481,7 @@ class FichinterLigne extends CommonObjectLine
|
||||
if ($rangToUse == -1) {
|
||||
// Recupere rang max de la ligne d'intervention dans $rangmax
|
||||
$sql = 'SELECT max(rang) as max FROM '.MAIN_DB_PREFIX.'fichinterdet';
|
||||
$sql .= ' WHERE fk_fichinter ='.$this->fk_fichinter;
|
||||
$sql .= ' WHERE fk_fichinter = '.((int) $this->fk_fichinter);
|
||||
$resql = $this->db->query($sql);
|
||||
if ($resql) {
|
||||
$obj = $this->db->fetch_object($resql);
|
||||
@@ -1496,7 +1496,7 @@ class FichinterLigne extends CommonObjectLine
|
||||
// Insertion dans base de la ligne
|
||||
$sql = 'INSERT INTO '.MAIN_DB_PREFIX.'fichinterdet';
|
||||
$sql .= ' (fk_fichinter, description, date, duree, rang)';
|
||||
$sql .= " VALUES (".$this->fk_fichinter.",";
|
||||
$sql .= " VALUES (".((int) $this->fk_fichinter).",";
|
||||
$sql .= " '".$this->db->escape($this->desc)."',";
|
||||
$sql .= " '".$this->db->idate($this->datei)."',";
|
||||
$sql .= " ".((int) $this->duration).",";
|
||||
|
||||
@@ -666,13 +666,13 @@ class CommandeFournisseurDispatch extends CommonObject
|
||||
if (count($filter) > 0) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if ($key == 't.comment') {
|
||||
$sqlwhere [] = $key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
$sqlwhere [] = $key." LIKE '%".$this->db->escape($value)."%'";
|
||||
} elseif ($key == 't.datec' || $key == 't.tms' || $key == 't.eatby' || $key == 't.sellby' || $key == 't.batch') {
|
||||
$sqlwhere [] = $key.' = \''.$this->db->escape($value).'\'';
|
||||
$sqlwhere [] = $key." = '".$this->db->escape($value)."'";
|
||||
} elseif ($key == 'qty') {
|
||||
$sqlwhere [] = $key.' = '.((float) $value);
|
||||
$sqlwhere [] = $key." = ".((float) $value);
|
||||
} else {
|
||||
$sqlwhere [] = $key.' = '.((int) $value);
|
||||
$sqlwhere [] = $key." = ".((int) $value);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -404,15 +404,15 @@ class Productcustomerprice extends CommonObject
|
||||
if (count($filter) > 0) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if (strpos($key, 'date')) { // To allow $filter['YEAR(s.dated)']=>$year
|
||||
$sql .= ' AND '.$key.' = \''.$this->db->escape($value).'\'';
|
||||
$sql .= " AND ".$key." = '".$this->db->escape($value)."'";
|
||||
} elseif ($key == 'soc.nom') {
|
||||
$sql .= ' AND '.$key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
$sql .= " AND ".$key." LIKE '%".$this->db->escape($value)."%'";
|
||||
} elseif ($key == 'prod.ref' || $key == 'prod.label') {
|
||||
$sql .= ' AND '.$key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
$sql .= " AND ".$key." LIKE '%".$this->db->escape($value)."%'";
|
||||
} elseif ($key == 't.price' || $key == 't.price_ttc') {
|
||||
$sql .= ' AND '.$key.' LIKE \'%'.price2num($value).'%\'';
|
||||
$sql .= " AND ".$key." LIKE '%".price2num($value)."%'";
|
||||
} else {
|
||||
$sql .= ' AND '.$key.' = '.((int) $value);
|
||||
$sql .= " AND ".$key." = ".((int) $value);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -521,11 +521,11 @@ class Productcustomerprice extends CommonObject
|
||||
if (count($filter) > 0) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if (strpos($key, 'date')) { // To allow $filter['YEAR(s.dated)']=>$year
|
||||
$sql .= ' AND '.$key.' = \''.$value.'\'';
|
||||
$sql .= " AND ".$key." = '".$db->escape($value)."'";
|
||||
} elseif ($key == 'soc.nom') {
|
||||
$sql .= ' AND '.$key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
$sql .= " AND ".$key." LIKE '%".$this->db->escape($value)."%'";
|
||||
} else {
|
||||
$sql .= ' AND '.$key.' = '.((int) $value);
|
||||
$sql .= " AND ".$key." = ".((int) $value);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -273,7 +273,7 @@ class ProductStockEntrepot extends CommonObject
|
||||
$sqlwhere = array();
|
||||
if (count($filter) > 0) {
|
||||
foreach ($filter as $key => $value) {
|
||||
$sqlwhere [] = $key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
$sqlwhere [] = $key." LIKE '%".$this->db->escape($value)."%'";
|
||||
}
|
||||
}
|
||||
if (count($sqlwhere) > 0) {
|
||||
|
||||
@@ -261,15 +261,15 @@ if ($display_ticket_list) {
|
||||
if (!empty($filter)) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if (strpos($key, 'date')) { // To allow $filter['YEAR(s.dated)']=>$year
|
||||
$sql .= ' AND '.$key.' = \''.$db->escape($value).'\'';
|
||||
$sql .= " AND ".$key." = '".$db->escape($value)."'";
|
||||
} elseif ($key == 't.fk_statut') {
|
||||
if (is_array($value) && count($value) > 0) {
|
||||
$sql .= 'AND '.$key.' IN ('.$db->sanitize(implode(',', $value)).')';
|
||||
$sql .= " AND ".$key.' IN ('.$db->sanitize(implode(',', $value)).')';
|
||||
} else {
|
||||
$sql .= ' AND '.$key.' = '.((int) $value);
|
||||
$sql .= " AND ".$key." = ".((int) $value);
|
||||
}
|
||||
} else {
|
||||
$sql .= ' AND '.$key.' LIKE \'%'.$db->escape($value).'%\'';
|
||||
$sql .= " AND ".$key." LIKE '%".$db->escape($value)."%'";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -359,17 +359,17 @@ if ($action == "view_ticketlist") {
|
||||
if (!empty($filter)) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if (strpos($key, 'date')) { // To allow $filter['YEAR(s.dated)']=>$year
|
||||
$sql .= ' AND '.$key.' = \''.$db->escape($value).'\'';
|
||||
$sql .= " AND ".$key." = '".$db->escape($value)."'";
|
||||
} elseif (($key == 't.fk_user_assign') || ($key == 't.type_code') || ($key == 't.category_code') || ($key == 't.severity_code')) {
|
||||
$sql .= " AND ".$key." = '".$db->escape($value)."'";
|
||||
} elseif ($key == 't.fk_statut') {
|
||||
if (is_array($value) && count($value) > 0) {
|
||||
$sql .= 'AND '.$key.' IN ('.$db->sanitize(implode(',', $value)).')';
|
||||
$sql .= " AND ".$key." IN (".$db->sanitize(implode(',', $value)).")";
|
||||
} else {
|
||||
$sql .= ' AND '.$key.' = '.((int) $value);
|
||||
$sql .= " AND ".$key." = ".((int) $value);
|
||||
}
|
||||
} else {
|
||||
$sql .= ' AND '.$key.' LIKE \'%'.$db->escape($value).'%\'';
|
||||
$sql .= " AND ".$key." LIKE '%".$db->escape($value)."%'";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -511,11 +511,11 @@ class Dolresource extends CommonObject
|
||||
if (!empty($filter)) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if (strpos($key, 'date')) {
|
||||
$sql .= ' AND '.$key.' = \''.$this->db->idate($value).'\'';
|
||||
$sql .= " AND ".$key." = '".$this->db->idate($value)."'";
|
||||
} elseif (strpos($key, 'ef.') !== false) {
|
||||
$sql .= $value;
|
||||
} else {
|
||||
$sql .= ' AND '.$key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
$sql .= " AND ".$key." LIKE '%".$this->db->escape($value)."%'";
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -591,9 +591,9 @@ class Dolresource extends CommonObject
|
||||
if (!empty($filter)) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if (strpos($key, 'date')) {
|
||||
$sql .= ' AND '.$key.' = \''.$this->db->idate($value).'\'';
|
||||
$sql .= " AND ".$key." = '".$this->db->idate($value)."'";
|
||||
} else {
|
||||
$sql .= ' AND '.$key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
$sql .= " AND ".$key." LIKE '%".$this->db->escape($value)."%'";
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -675,9 +675,9 @@ class Dolresource extends CommonObject
|
||||
if (!empty($filter)) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if (strpos($key, 'date')) {
|
||||
$sql .= ' AND '.$key.' = \''.$this->db->idate($value).'\'';
|
||||
$sql .= " AND ".$key." = '".$this->db->idate($value)."'";
|
||||
} else {
|
||||
$sql .= ' AND '.$key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
$sql .= " AND ".$key." LIKE '%".$this->db->escape($value)."%'";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -714,17 +714,17 @@ class Ticket extends CommonObject
|
||||
if (!empty($filter)) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if (strpos($key, 'date')) { // To allow $filter['YEAR(s.dated)']=>$year
|
||||
$sql .= ' AND '.$key." = '".$this->db->escape($value)."'";
|
||||
$sql .= " AND ".$key." = '".$this->db->escape($value)."'";
|
||||
} elseif (($key == 't.fk_user_assign') || ($key == 't.type_code') || ($key == 't.category_code') || ($key == 't.severity_code') || ($key == 't.fk_soc')) {
|
||||
$sql .= " AND ".$key." = '".$this->db->escape($value)."'";
|
||||
} elseif ($key == 't.fk_statut') {
|
||||
if (is_array($value) && count($value) > 0) {
|
||||
$sql .= 'AND '.$key.' IN ('.$this->db->sanitize(implode(',', $value)).')';
|
||||
$sql .= " AND ".$key." IN (".$this->db->sanitize(implode(',', $value)).")";
|
||||
} else {
|
||||
$sql .= ' AND '.$key.' = '.((int) $value);
|
||||
$sql .= " AND ".$key.' = '.((int) $value);
|
||||
}
|
||||
} else {
|
||||
$sql .= ' AND '.$key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
$sql .= " AND ".$key." LIKE '%".$this->db->escape($value)."%'";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -415,7 +415,7 @@ class Website extends CommonObject
|
||||
$sqlwhere = array();
|
||||
if (count($filter) > 0) {
|
||||
foreach ($filter as $key => $value) {
|
||||
$sqlwhere [] = $key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
$sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'";
|
||||
}
|
||||
}
|
||||
if (count($sqlwhere) > 0) {
|
||||
|
||||
@@ -417,7 +417,7 @@ class WebsitePage extends CommonObject
|
||||
if (count($filter) > 0) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if ($key == 't.rowid' || $key == 't.fk_website' || $key == 'status') {
|
||||
$sqlwhere[] = $key.' = '.((int) $value);
|
||||
$sqlwhere[] = $key." = ".((int) $value);
|
||||
} elseif ($key == 'type_container') {
|
||||
$sqlwhere[] = $key." = '".$this->db->escape($value)."'";
|
||||
} elseif ($key == 'lang' || $key == 't.lang') {
|
||||
@@ -432,16 +432,16 @@ class WebsitePage extends CommonObject
|
||||
}
|
||||
$stringtouse = $key." IN (".$this->db->sanitize(join(',', $listoflang), 1).")";
|
||||
if ($foundnull) {
|
||||
$stringtouse = '('.$stringtouse.' OR '.$key.' IS NULL)';
|
||||
$stringtouse = "(".$stringtouse." OR ".$key." IS NULL)";
|
||||
}
|
||||
$sqlwhere[] = $stringtouse;
|
||||
} else {
|
||||
$sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
$sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'";
|
||||
}
|
||||
}
|
||||
}
|
||||
if (count($sqlwhere) > 0) {
|
||||
$sql .= ' AND ('.implode(' '.$filtermode.' ', $sqlwhere).')';
|
||||
$sql .= " AND (".implode(' '.$filtermode.' ', $sqlwhere).')';
|
||||
}
|
||||
|
||||
if (!empty($sortfield)) {
|
||||
@@ -519,7 +519,7 @@ class WebsitePage extends CommonObject
|
||||
if (count($filter) > 0) {
|
||||
foreach ($filter as $key => $value) {
|
||||
if ($key == 't.rowid' || $key == 't.fk_website' || $key == 'status') {
|
||||
$sqlwhere[] = $key.' = '.((int) $value);
|
||||
$sqlwhere[] = $key." = ".((int) $value);
|
||||
} elseif ($key == 'type_container') {
|
||||
$sqlwhere[] = $key." = '".$this->db->escape($value)."'";
|
||||
} elseif ($key == 'lang' || $key == 't.lang') {
|
||||
@@ -534,11 +534,11 @@ class WebsitePage extends CommonObject
|
||||
}
|
||||
$stringtouse = $key." IN (".$this->db->sanitize(join(',', $listoflang), 1).")";
|
||||
if ($foundnull) {
|
||||
$stringtouse = '('.$stringtouse.' OR '.$key.' IS NULL)';
|
||||
$stringtouse = "(".$stringtouse." OR ".$key." IS NULL)";
|
||||
}
|
||||
$sqlwhere[] = $stringtouse;
|
||||
} else {
|
||||
$sqlwhere[] = $key.' LIKE \'%'.$this->db->escape($value).'%\'';
|
||||
$sqlwhere[] = $key." LIKE '%".$this->db->escape($value)."%'";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user