From 831cc4f4b71b7f8849d08a6318aa7261d4856083 Mon Sep 17 00:00:00 2001 From: daraelmin Date: Sun, 20 Jun 2021 14:19:05 +0200 Subject: [PATCH 1/4] Fix 17986 error on comparing integer and string in strict sql --- htdocs/adherents/class/adherentstats.class.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/adherents/class/adherentstats.class.php b/htdocs/adherents/class/adherentstats.class.php index 62d0e03e27e..e042331b9eb 100644 --- a/htdocs/adherents/class/adherentstats.class.php +++ b/htdocs/adherents/class/adherentstats.class.php @@ -92,7 +92,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%m') as dm, count(*)"; $sql .= " FROM ".$this->from; //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; - $sql .= " WHERE date_format(p.dateadh,'%Y') = ".((int) $year); + $sql .= " WHERE date_format(p.dateadh,'%Y') = '".((int) $year)."'"; $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; $sql .= $this->db->order('dm', 'DESC'); @@ -133,7 +133,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%m') as dm, sum(p.".$this->field.")"; $sql .= " FROM ".$this->from; //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; - $sql .= " WHERE date_format(p.dateadh,'%Y') = ".((int) $year); + $sql .= " WHERE date_format(p.dateadh,'%Y') = '".((int) $year)."'"; $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; $sql .= $this->db->order('dm', 'DESC'); @@ -154,7 +154,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%m') as dm, avg(p.".$this->field.")"; $sql .= " FROM ".$this->from; //if (!$user->rights->societe->client->voir && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; - $sql .= " WHERE date_format(p.dateadh,'%Y') = ".((int) $year); + $sql .= " WHERE date_format(p.dateadh,'%Y') = '".((int) $year)."'"; $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; $sql .= $this->db->order('dm', 'DESC'); From a54a955a652515a933ab14a0bbf118a96350583e Mon Sep 17 00:00:00 2001 From: daraelmin Date: Sun, 20 Jun 2021 15:40:32 +0200 Subject: [PATCH 2/4] Use year() instead of date_format --- htdocs/adherents/class/adherentstats.class.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/adherents/class/adherentstats.class.php b/htdocs/adherents/class/adherentstats.class.php index e042331b9eb..ea106e4b4c5 100644 --- a/htdocs/adherents/class/adherentstats.class.php +++ b/htdocs/adherents/class/adherentstats.class.php @@ -92,7 +92,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%m') as dm, count(*)"; $sql .= " FROM ".$this->from; //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; - $sql .= " WHERE date_format(p.dateadh,'%Y') = '".((int) $year)."'"; + $sql .= " WHERE YEAR(p.dateadh) = ".((int) $year); $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; $sql .= $this->db->order('dm', 'DESC'); @@ -133,7 +133,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%m') as dm, sum(p.".$this->field.")"; $sql .= " FROM ".$this->from; //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; - $sql .= " WHERE date_format(p.dateadh,'%Y') = '".((int) $year)."'"; + $sql .= " WHERE YEAR(p.dateadh) = ".((int) $year); $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; $sql .= $this->db->order('dm', 'DESC'); @@ -154,7 +154,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%m') as dm, avg(p.".$this->field.")"; $sql .= " FROM ".$this->from; //if (!$user->rights->societe->client->voir && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; - $sql .= " WHERE date_format(p.dateadh,'%Y') = '".((int) $year)."'"; + $sql .= " WHERE YEAR(p.dateadh) = ".((int) $year); $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; $sql .= $this->db->order('dm', 'DESC'); From cfd7c610db7d1ae960c8e601be519c2348752f41 Mon Sep 17 00:00:00 2001 From: daraelmin Date: Sun, 20 Jun 2021 17:14:28 +0200 Subject: [PATCH 3/4] Use dolSqlDateFilter instead of SQL function YEAR --- htdocs/adherents/class/adherentstats.class.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/adherents/class/adherentstats.class.php b/htdocs/adherents/class/adherentstats.class.php index ea106e4b4c5..bf8cf92bc33 100644 --- a/htdocs/adherents/class/adherentstats.class.php +++ b/htdocs/adherents/class/adherentstats.class.php @@ -92,7 +92,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%m') as dm, count(*)"; $sql .= " FROM ".$this->from; //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; - $sql .= " WHERE YEAR(p.dateadh) = ".((int) $year); + $sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, $year, 1); $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; $sql .= $this->db->order('dm', 'DESC'); @@ -133,7 +133,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%m') as dm, sum(p.".$this->field.")"; $sql .= " FROM ".$this->from; //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; - $sql .= " WHERE YEAR(p.dateadh) = ".((int) $year); + $sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, $year, 1); $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; $sql .= $this->db->order('dm', 'DESC'); @@ -154,7 +154,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%m') as dm, avg(p.".$this->field.")"; $sql .= " FROM ".$this->from; //if (!$user->rights->societe->client->voir && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; - $sql .= " WHERE YEAR(p.dateadh) = ".((int) $year); + $sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, $year, 1); $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; $sql .= $this->db->order('dm', 'DESC'); From 002471b1fe1177c81bfa4cefd36707dbf3bf12f3 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 20 Jun 2021 17:25:58 +0200 Subject: [PATCH 4/4] Update adherentstats.class.php --- htdocs/adherents/class/adherentstats.class.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/adherents/class/adherentstats.class.php b/htdocs/adherents/class/adherentstats.class.php index bf8cf92bc33..cfa83290551 100644 --- a/htdocs/adherents/class/adherentstats.class.php +++ b/htdocs/adherents/class/adherentstats.class.php @@ -92,7 +92,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%m') as dm, count(*)"; $sql .= " FROM ".$this->from; //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; - $sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, $year, 1); + $sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, (int) $year, 1); $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; $sql .= $this->db->order('dm', 'DESC'); @@ -133,7 +133,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%m') as dm, sum(p.".$this->field.")"; $sql .= " FROM ".$this->from; //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; - $sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, $year, 1); + $sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, (int) $year, 1); $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; $sql .= $this->db->order('dm', 'DESC'); @@ -154,7 +154,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%m') as dm, avg(p.".$this->field.")"; $sql .= " FROM ".$this->from; //if (!$user->rights->societe->client->voir && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; - $sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, $year, 1); + $sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, (int) $year, 1); $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; $sql .= $this->db->order('dm', 'DESC');