Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-13 04:51:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add more robust php unit to detect not escaped sql. Fix not escaped sql

Browse Source
This commit is contained in:
Laurent Destailleur
2017-09-15 15:41:07 +02:00
parent 77056d9adb
commit 5e34b121dd
63 changed files with 420 additions and 438 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
htdocs/compta/localtax/class/localtax.class.php
View File

@@ -87,12 +87,12 @@ class Localtax extends CommonObject
$sql.= " '".$this->db->idate($this->tms)."',";
$sql.= " '".$this->db->idate($this->datep)."',";
$sql.= " '".$this->db->idate($this->datev)."',";
$sql.= " '".$this->amount."',";
$sql.= " '".$this->label."',";
$sql.= " '".$this->note."',";
$sql.= " ".($this->fk_bank <= 0 ? "NULL" : "'".$this->fk_bank."'").",";
$sql.= " '".$this->fk_user_creat."',";
$sql.= " '".$this->fk_user_modif."'";
$sql.= " '".$this->db->escape($this->amount)."',";
$sql.= " '".$this->db->escape($this->label)."',";
$sql.= " '".$this->db->escape($this->note)."',";
$sql.= " ".($this->fk_bank <= 0 ? "NULL" : "'".$this->db->escape($this->fk_bank)."'").",";
$sql.= " '".$this->db->escape($this->fk_user_creat)."',";
$sql.= " '".$this->db->escape($this->fk_user_modif)."'";
$sql.= ")";
dol_syslog(get_class($this)."::create", LOG_DEBUG);