Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-06 01:28:19 +01:00
Code Issues Packages Projects Releases Wiki Activity

FIX Missing quotes when using __NOW__

Browse Source
This commit is contained in:
ldestailleur
2025-02-21 13:21:51 +01:00
parent 1a8ebe642a
commit 2e0a29d28e
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
htdocs/core/lib/functions.lib.php
View File

@@ -13502,7 +13502,7 @@ function forgeSQLFromUniversalSearchCriteria($filter, &$errorstr = '', $noand =
$ret = ($noand ? "" : " AND ").($nopar ? "" : '(').preg_replace_callback('/'.$regexstring.'/i', 'dolForgeCriteriaCallback', $filter).($nopar ? "" : ')');
if (is_object($db)) {
$ret = str_replace('__NOW__', $db->idate(dol_now()), $ret);
$ret = str_replace('__NOW__', "'".$db->idate(dol_now())."'", $ret);
}
if (is_object($user)) {
$ret = str_replace('__USER_ID__', (string) $user->id, $ret);
@@ -13733,8 +13733,10 @@ function dolForgeCriteriaCallback($matches)
$tmpescaped = 'NULL';
} elseif (is_int($tmpescaped)) {
$tmpescaped = (int) $tmpescaped;
} else {
} elseif (is_numeric((string) $tmpescaped)) { // it can be a float with a .
$tmpescaped = (float) $tmpescaped;
} else {
$tmpescaped = preg_replace('/[^a-z0-9_]/i', '', $tmpescaped); // it can be a name of field or a substitution variable like '__NOW__'
}
}