Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-06 17:48:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add more robust php unit to detect not escaped sql. Fix not escaped sql

Browse Source
This commit is contained in:
Laurent Destailleur
2017-09-15 15:41:07 +02:00
parent 77056d9adb
commit 5e34b121dd
63 changed files with 420 additions and 438 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
htdocs/ecm/class/ecmdirectory.class.php
View File

@@ -134,12 +134,12 @@ class EcmDirectory // extends CommonObject
$sql.= "fk_user_c";
$sql.= ") VALUES (";
$sql.= " '".$this->db->escape($this->label)."',";
$sql.= " '".$conf->entity."',";
$sql.= " '".$this->fk_parent."',";
$sql.= " '".$this->db->escape($conf->entity)."',";
$sql.= " '".$this->db->escape($this->fk_parent)."',";
$sql.= " '".$this->db->escape($this->description)."',";
$sql.= " ".$this->cachenbofdoc.",";
$sql.= " '".$this->db->idate($this->date_c)."',";
$sql.= " '".$this->fk_user_c."'";
$sql.= " '".$this->db->escape($this->fk_user_c)."'";
$sql.= ")";
dol_syslog(get_class($this)."::create", LOG_DEBUG);