Clean code
parent
608b6f5fa3
commit
3d4bb66853
@ -5783,7 +5783,7 @@ class FactureLigne extends CommonInvoiceLine
|
||||
return 0;
|
||||
}
|
||||
|
||||
$sql = 'SELECT situation_percent FROM '.MAIN_DB_PREFIX.'facturedet WHERE rowid='.((int) $this->fk_prev_id);
|
||||
$sql = "SELECT situation_percent FROM ".MAIN_DB_PREFIX."facturedet WHERE rowid = ".((int) $this->fk_prev_id);
|
||||
$resql = $this->db->query($sql);
|
||||
if ($resql && $resql->num_rows > 0) {
|
||||
$res = $this->db->fetch_array($resql);
|
||||
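Review bot: The row-count test after the rewritten query reads `$resql->num_rows` directly, which only works when the result handle is an object exposing that property. Other queries on this page go through the database wrapper, so the same check is better written as `if ($resql && $this->db->num_rows($resql) > 0) {`, which does not depend on the driver's result type. The enclosing method starts and ends outside this hunk.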
@ -5793,9 +5793,9 @@ class FactureLigne extends CommonInvoiceLine
|
||||
if ($include_credit_note) {
|
||||
$sql = 'SELECT fd.situation_percent FROM '.MAIN_DB_PREFIX.'facturedet fd';
|
||||
$sql .= ' JOIN '.MAIN_DB_PREFIX.'facture f ON (f.rowid = fd.fk_facture) ';
|
||||
$sql .= ' WHERE fd.fk_prev_id = '.((int) $this->fk_prev_id);
|
||||
$sql .= ' AND f.situation_cycle_ref = '.((int) $invoicecache[$invoiceid]->situation_cycle_ref); // Prevent cycle outed
|
||||
$sql .= ' AND f.type = '.Facture::TYPE_CREDIT_NOTE;
|
||||
$sql .= " WHERE fd.fk_prev_id = ".((int) $this->fk_prev_id);
|
||||
$sql .= " AND f.situation_cycle_ref = ".((int) $invoicecache[$invoiceid]->situation_cycle_ref); // Prevent cycle outed
|
||||
$sql .= " AND f.type = ".Facture::TYPE_CREDIT_NOTE;
|
||||
|
||||
$res = $this->db->query($sql);
|
||||
if ($res) {
|
||||
|
||||
@ -357,7 +357,7 @@ if (!$error && $massaction == 'confirm_presend') {
|
||||
$tmp = explode(',', $conf->global->MAIN_INFO_SOCIETE_MAIL_ALIASES);
|
||||
$from = trim($tmp[($reg[1] - 1)]);
|
||||
} elseif (preg_match('/senderprofile_(\d+)_(\d+)/', $fromtype, $reg)) {
|
||||
$sql = 'SELECT rowid, label, email FROM '.MAIN_DB_PREFIX.'c_email_senderprofile WHERE rowid = '.(int) $reg[1];
|
||||
$sql = "SELECT rowid, label, email FROM ".MAIN_DB_PREFIX."c_email_senderprofile WHERE rowid = ".(int) $reg[1];
|
||||
$resql = $db->query($sql);
|
||||
$obj = $db->fetch_object($resql);
|
||||
if ($obj) {
|
||||
|
||||
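Review bot: The handle returned by `$db->query($sql)` goes straight into `$db->fetch_object($resql)` without a success check, so a failed sender-profile lookup cannot be told apart from a missing row. How `fetch_object()` behaves on a failed handle is not visible here, so a guard such as `$obj = $resql ? $db->fetch_object($resql) : null;` plus a `dol_print_error($db)` on failure would make the outcome explicit. The same unchecked pattern appears in the `box_validated_projects` hunk and in the `confirm_presend_attendees` hunk further down. The surrounding if/elseif chain starts outside the hunk.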
@ -157,7 +157,7 @@ class box_validated_projects extends ModeleBoxes
|
||||
);
|
||||
|
||||
if ($objp->fk_soc > 0) {
|
||||
$sql = 'SELECT rowid, nom as name FROM '.MAIN_DB_PREFIX.'societe WHERE rowid = '.((int) $objp->fk_soc);
|
||||
$sql = "SELECT rowid, nom as name FROM ".MAIN_DB_PREFIX."societe WHERE rowid = ".((int) $objp->fk_soc);
|
||||
$resql = $this->db->query($sql);
|
||||
//$socstatic = new Societe($this->db);
|
||||
$obj2 = $this->db->fetch_object($resql);
|
||||
|
||||
@ -60,7 +60,7 @@ trait CommonIncoterm
|
||||
|
||||
$this->label_incoterms = '';
|
||||
if (!empty($this->fk_incoterms)) {
|
||||
$sql = 'SELECT code FROM '.MAIN_DB_PREFIX.'c_incoterms WHERE rowid = '.(int) $this->fk_incoterms;
|
||||
$sql = "SELECT code FROM ".MAIN_DB_PREFIX."c_incoterms WHERE rowid = ".(int) $this->fk_incoterms;
|
||||
$result = $this->db->query($sql);
|
||||
if ($result) {
|
||||
$res = $this->db->fetch_object($result);
|
||||
@ -80,7 +80,7 @@ trait CommonIncoterm
|
||||
*/
|
||||
public function getIncotermsForPDF()
|
||||
{
|
||||
$sql = 'SELECT code FROM '.MAIN_DB_PREFIX.'c_incoterms WHERE rowid = '.(int) $this->fk_incoterms;
|
||||
$sql = "SELECT code FROM ".MAIN_DB_PREFIX."c_incoterms WHERE rowid = ".(int) $this->fk_incoterms;
|
||||
$resql = $this->db->query($sql);
|
||||
if ($resql) {
|
||||
$num = $this->db->num_rows($resql);
|
||||
@ -107,7 +107,7 @@ trait CommonIncoterm
|
||||
{
|
||||
if ($this->id && $this->table_element) {
|
||||
$sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element;
|
||||
$sql .= " SET fk_incoterms = ".($id_incoterm > 0 ? $id_incoterm : "null");
|
||||
$sql .= " SET fk_incoterms = ".($id_incoterm > 0 ? ((int) $id_incoterm) : "null");
|
||||
$sql .= ", location_incoterms = ".($id_incoterm > 0 ? "'".$this->db->escape($location)."'" : "null");
|
||||
$sql .= " WHERE rowid = ".((int) $this->id);
|
||||
dol_syslog(get_class($this).'::setIncoterms', LOG_DEBUG);
|
||||
@ -116,7 +116,7 @@ trait CommonIncoterm
|
||||
$this->fk_incoterms = $id_incoterm;
|
||||
$this->location_incoterms = $location;
|
||||
|
||||
$sql = 'SELECT libelle as label_incotermsFROM '.MAIN_DB_PREFIX.'c_incoterms WHERE rowid = '.(int) $this->fk_incoterms;
|
||||
$sql = "SELECT libelle as label_incoterms FROM ".MAIN_DB_PREFIX."c_incoterms WHERE rowid = ".(int) $this->fk_incoterms;
|
||||
$res = $this->db->query($sql);
|
||||
if ($res) {
|
||||
$obj = $this->db->fetch_object($res);
|
||||
|
||||
@ -226,8 +226,8 @@ abstract class CommonInvoice extends CommonObject
|
||||
$idarray = array();
|
||||
|
||||
$sql = 'SELECT rowid';
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element;
|
||||
$sql .= ' WHERE fk_facture_source = '.((int) $this->id);
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element;
|
||||
$sql .= " WHERE fk_facture_source = ".((int) $this->id);
|
||||
$sql .= ' AND type = 2';
|
||||
$resql = $this->db->query($sql);
|
||||
if ($resql) {
|
||||
@ -253,8 +253,8 @@ abstract class CommonInvoice extends CommonObject
|
||||
public function getIdReplacingInvoice($option = '')
|
||||
{
|
||||
$sql = 'SELECT rowid';
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element;
|
||||
$sql .= ' WHERE fk_facture_source = '.((int) $this->id);
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element;
|
||||
$sql .= " WHERE fk_facture_source = ".((int) $this->id);
|
||||
$sql .= ' AND type < 2';
|
||||
if ($option == 'validated') {
|
||||
$sql .= ' AND fk_statut = 1';
|
||||
@ -306,8 +306,8 @@ abstract class CommonInvoice extends CommonObject
|
||||
$sharedentity = 'facture_fourn';
|
||||
}
|
||||
|
||||
$sql = 'SELECT p.ref, pf.amount, pf.multicurrency_amount, p.fk_paiement, p.datep, p.num_paiement as num, t.code'.$field3;
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$table.' as pf, '.MAIN_DB_PREFIX.$table2.' as p, '.MAIN_DB_PREFIX.'c_paiement as t';
|
||||
$sql = "SELECT p.ref, pf.amount, pf.multicurrency_amount, p.fk_paiement, p.datep, p.num_paiement as num, t.code".$field3;
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$table." as pf, ".MAIN_DB_PREFIX.$table2." as p, ".MAIN_DB_PREFIX."c_paiement as t";
|
||||
$sql .= " WHERE pf.".$field." = ".((int) $this->id);
|
||||
$sql .= " AND pf.".$field2." = p.rowid";
|
||||
$sql .= ' AND p.fk_paiement = t.id';
|
||||
@ -335,12 +335,12 @@ abstract class CommonInvoice extends CommonObject
|
||||
//look for credit notes and discounts and deposits
|
||||
$sql = '';
|
||||
if ($this->element == 'facture' || $this->element == 'invoice') {
|
||||
$sql = 'SELECT rc.amount_ttc as amount, rc.multicurrency_amount_ttc as multicurrency_amount, rc.datec as date, f.ref as ref, rc.description as type';
|
||||
$sql = "SELECT rc.amount_ttc as amount, rc.multicurrency_amount_ttc as multicurrency_amount, rc.datec as date, f.ref as ref, rc.description as type";
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.'societe_remise_except as rc, '.MAIN_DB_PREFIX.'facture as f';
|
||||
$sql .= ' WHERE rc.fk_facture_source=f.rowid AND rc.fk_facture = '.((int) $this->id);
|
||||
$sql .= ' AND (f.type = 2 OR f.type = 0 OR f.type = 3)'; // Find discount coming from credit note or excess received or deposits (payments from deposits are always null except if FACTURE_DEPOSITS_ARE_JUST_PAYMENTS is set)
|
||||
} elseif ($this->element == 'facture_fourn' || $this->element == 'invoice_supplier') {
|
||||
$sql = 'SELECT rc.amount_ttc as amount, rc.multicurrency_amount_ttc as multicurrency_amount, rc.datec as date, f.ref as ref, rc.description as type';
|
||||
$sql = "SELECT rc.amount_ttc as amount, rc.multicurrency_amount_ttc as multicurrency_amount, rc.datec as date, f.ref as ref, rc.description as type";
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.'societe_remise_except as rc, '.MAIN_DB_PREFIX.'facture_fourn as f';
|
||||
$sql .= ' WHERE rc.fk_invoice_supplier_source=f.rowid AND rc.fk_invoice_supplier = '.((int) $this->id);
|
||||
$sql .= ' AND (f.type = 2 OR f.type = 0 OR f.type = 3)'; // Find discount coming from credit note or excess received or deposits (payments from deposits are always null except if FACTURE_DEPOSITS_ARE_JUST_PAYMENTS is set)
|
||||
|
||||
@ -1671,7 +1671,7 @@ abstract class CommonObject
|
||||
return 0;
|
||||
}
|
||||
|
||||
$sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.$this->table_element.' WHERE '.$this->table_ref_field.' LIKE "'.$this->db->escape($ref).'" LIMIT 1';
|
||||
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX.$this->table_element." WHERE ".$this->table_ref_field." LIKE '".$this->db->escape($ref)."' LIMIT 1";
|
||||
|
||||
$query = $this->db->query($sql);
|
||||
|
||||
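Review bot: `$this->db->escape($ref)` protects the string literal but leaves the `LIKE` wildcards `%` and `_` active, so a reference containing them can match a different row than the one requested, and `LIMIT 1` then returns whichever row comes first. If an exact match is what this lookup needs, compare with equality instead: `... WHERE ".$this->table_ref_field." = '".$this->db->escape($ref)."' LIMIT 1`. If pattern matching is intended, a one-line comment saying so would stop the next reader from treating it as an existence check. The enclosing method starts above the hunk.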
@ -2900,7 +2900,7 @@ abstract class CommonObject
|
||||
|
||||
// Count number of lines to reorder (according to choice $renum)
|
||||
$nl = 0;
|
||||
$sql = 'SELECT count(rowid) FROM '.MAIN_DB_PREFIX.$this->table_element_line;
|
||||
$sql = "SELECT count(rowid) FROM ".MAIN_DB_PREFIX.$this->table_element_line;
|
||||
$sql .= " WHERE ".$this->fk_element." = ".((int) $this->id);
|
||||
if (!$renum) {
|
||||
$sql .= ' AND rang = 0';
|
||||
@ -2922,7 +2922,7 @@ abstract class CommonObject
|
||||
$rows = array();
|
||||
|
||||
// We first search all lines that are parent lines (for multilevel details lines)
|
||||
$sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.$this->table_element_line;
|
||||
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX.$this->table_element_line;
|
||||
$sql .= " WHERE ".$this->fk_element." = ".((int) $this->id);
|
||||
if ($fk_parent_line) {
|
||||
$sql .= ' AND fk_parent_line IS NULL';
|
||||
@ -2970,7 +2970,7 @@ abstract class CommonObject
|
||||
{
|
||||
$rows = array();
|
||||
|
||||
$sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.$this->table_element_line;
|
||||
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX.$this->table_element_line;
|
||||
$sql .= " WHERE ".$this->fk_element." = ".((int) $this->id);
|
||||
$sql .= ' AND fk_parent_line = '.((int) $id);
|
||||
$sql .= ' ORDER BY rang ASC';
|
||||
@ -3148,8 +3148,8 @@ abstract class CommonObject
|
||||
*/
|
||||
public function getRangOfLine($rowid)
|
||||
{
|
||||
$sql = 'SELECT rang FROM '.MAIN_DB_PREFIX.$this->table_element_line;
|
||||
$sql .= ' WHERE rowid ='.((int) $rowid);
|
||||
$sql = "SELECT rang FROM ".MAIN_DB_PREFIX.$this->table_element_line;
|
||||
$sql .= " WHERE rowid = ".((int) $rowid);
|
||||
|
||||
dol_syslog(get_class($this)."::getRangOfLine", LOG_DEBUG);
|
||||
$resql = $this->db->query($sql);
|
||||
@ -3167,9 +3167,9 @@ abstract class CommonObject
|
||||
*/
|
||||
public function getIdOfLine($rang)
|
||||
{
|
||||
$sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.$this->table_element_line;
|
||||
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX.$this->table_element_line;
|
||||
$sql .= " WHERE ".$this->fk_element." = ".((int) $this->id);
|
||||
$sql .= ' AND rang = '.((int) $rang);
|
||||
$sql .= " AND rang = ".((int) $rang);
|
||||
$resql = $this->db->query($sql);
|
||||
if ($resql) {
|
||||
$row = $this->db->fetch_row($resql);
|
||||
@ -3196,7 +3196,7 @@ abstract class CommonObject
|
||||
if ($fk_parent_line) {
|
||||
$sql = "SELECT max(".$positionfield.") FROM ".MAIN_DB_PREFIX.$this->table_element_line;
|
||||
$sql .= " WHERE ".$this->fk_element." = ".((int) $this->id);
|
||||
$sql .= ' AND fk_parent_line = '.((int) $fk_parent_line);
|
||||
$sql .= " AND fk_parent_line = ".((int) $fk_parent_line);
|
||||
|
||||
dol_syslog(get_class($this)."::line_max", LOG_DEBUG);
|
||||
$resql = $this->db->query($sql);
|
||||
@ -3412,7 +3412,7 @@ abstract class CommonObject
|
||||
$sql .= ', situation_percent';
|
||||
}
|
||||
$sql .= ', multicurrency_total_ht, multicurrency_total_tva, multicurrency_total_ttc';
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element_line;
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element_line;
|
||||
$sql .= " WHERE ".$this->fk_element." = ".((int) $this->id);
|
||||
if ($exclspec) {
|
||||
$product_field = 'product_type';
|
||||
@ -3572,7 +3572,7 @@ abstract class CommonObject
|
||||
}
|
||||
|
||||
if (empty($nodatabaseupdate)) {
|
||||
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element.' SET';
|
||||
$sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element.' SET';
|
||||
$sql .= " ".$fieldht." = ".((float) price2num($this->total_ht)).",";
|
||||
$sql .= " ".$fieldtva." = ".((float) price2num($this->total_tva)).",";
|
||||
$sql .= " ".$fieldlocaltax1." = ".((float) price2num($this->total_localtax1)).",";
|
||||
@ -4267,8 +4267,8 @@ abstract class CommonObject
|
||||
*/
|
||||
public function getSpecialCode($lineid)
|
||||
{
|
||||
$sql = 'SELECT special_code FROM '.MAIN_DB_PREFIX.$this->table_element_line;
|
||||
$sql .= ' WHERE rowid = '.((int) $lineid);
|
||||
$sql = "SELECT special_code FROM ".MAIN_DB_PREFIX.$this->table_element_line;
|
||||
$sql .= " WHERE rowid = ".((int) $lineid);
|
||||
$resql = $this->db->query($sql);
|
||||
if ($resql) {
|
||||
$row = $this->db->fetch_row($resql);
|
||||
@ -6687,8 +6687,8 @@ abstract class CommonObject
|
||||
}
|
||||
|
||||
$sqlwhere = '';
|
||||
$sql = 'SELECT '.$keyList;
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$InfoFieldList[0];
|
||||
$sql = "SELECT ".$keyList;
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$InfoFieldList[0];
|
||||
if (!empty($InfoFieldList[4])) {
|
||||
// can use SELECT request
|
||||
if (strpos($InfoFieldList[4], '$SEL$') !== false) {
|
||||
@ -6839,7 +6839,7 @@ abstract class CommonObject
|
||||
}
|
||||
|
||||
$sqlwhere = '';
|
||||
$sql = 'SELECT '.$keyList;
|
||||
$sql = "SELECT ".$keyList;
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$InfoFieldList[0];
|
||||
if (!empty($InfoFieldList[4])) {
|
||||
// can use SELECT request
|
||||
@ -7200,7 +7200,7 @@ abstract class CommonObject
|
||||
$keyList .= implode(', ', $fields_label);
|
||||
}
|
||||
|
||||
$sql = 'SELECT '.$keyList;
|
||||
$sql = "SELECT ".$keyList;
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$InfoFieldList[0];
|
||||
if (strpos($InfoFieldList[4], 'extra') !== false) {
|
||||
$sql .= ' as main';
|
||||
@ -7283,7 +7283,7 @@ abstract class CommonObject
|
||||
$keyList .= implode(', ', $fields_label);
|
||||
}
|
||||
|
||||
$sql = 'SELECT '.$keyList;
|
||||
$sql = "SELECT ".$keyList;
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$InfoFieldList[0];
|
||||
if (strpos($InfoFieldList[4], 'extra') !== false) {
|
||||
$sql .= ' as main';
|
||||
|
||||
@ -1252,7 +1252,7 @@ class ExtraFields
|
||||
}
|
||||
|
||||
$sqlwhere = '';
|
||||
$sql = 'SELECT '.$keyList;
|
||||
$sql = "SELECT ".$keyList;
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$InfoFieldList[0];
|
||||
if (!empty($InfoFieldList[4])) {
|
||||
// can use curent entity filter
|
||||
@ -1420,7 +1420,7 @@ class ExtraFields
|
||||
}
|
||||
|
||||
$sqlwhere = '';
|
||||
$sql = 'SELECT '.$keyList;
|
||||
$sql = "SELECT ".$keyList;
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$InfoFieldList[0];
|
||||
if (!empty($InfoFieldList[4])) {
|
||||
// can use SELECT request
|
||||
@ -1716,7 +1716,7 @@ class ExtraFields
|
||||
}
|
||||
}
|
||||
|
||||
$sql = 'SELECT '.$keyList;
|
||||
$sql = "SELECT ".$keyList;
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$InfoFieldList[0];
|
||||
if (!empty($InfoFieldList[4]) && strpos($InfoFieldList[4], 'extra') !== false) {
|
||||
$sql .= ' as main';
|
||||
@ -1820,8 +1820,8 @@ class ExtraFields
|
||||
}
|
||||
}
|
||||
|
||||
$sql = 'SELECT '.$keyList;
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$InfoFieldList[0];
|
||||
$sql = "SELECT ".$keyList;
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$InfoFieldList[0];
|
||||
if (strpos($InfoFieldList[4], 'extra') !== false) {
|
||||
$sql .= ' as main';
|
||||
}
|
||||
|
||||
@ -1116,7 +1116,7 @@ class Don extends CommonObject
|
||||
return -1;
|
||||
}
|
||||
|
||||
$sql = 'SELECT SUM(amount) as sum_amount FROM '.MAIN_DB_PREFIX.'payment_donation WHERE fk_donation = '.((int) $this->id);
|
||||
$sql = "SELECT SUM(amount) as sum_amount FROM ".MAIN_DB_PREFIX."payment_donation WHERE fk_donation = ".((int) $this->id);
|
||||
$resql = $this->db->query($sql);
|
||||
if (!$resql) {
|
||||
dol_print_error($this->db);
|
||||
|
||||
@ -173,7 +173,7 @@ if (!$error && $massaction == 'confirm_presend_attendees') {
|
||||
$tmp = explode(',', $conf->global->MAIN_INFO_SOCIETE_MAIL_ALIASES);
|
||||
$from = trim($tmp[($reg[1] - 1)]);
|
||||
} elseif (preg_match('/senderprofile_(\d+)_(\d+)/', $fromtype, $reg)) {
|
||||
$sql = 'SELECT rowid, label, email FROM ' . MAIN_DB_PREFIX . 'c_email_senderprofile WHERE rowid = ' . (int) $reg[1];
|
||||
$sql = "SELECT rowid, label, email FROM " . MAIN_DB_PREFIX . "c_email_senderprofile WHERE rowid = " . (int) $reg[1];
|
||||
$resql = $db->query($sql);
|
||||
$obj = $db->fetch_object($resql);
|
||||
if ($obj) {
|
||||
|
||||
@ -32,8 +32,8 @@ function checkElementExist($id, $table)
|
||||
{
|
||||
global $db;
|
||||
|
||||
$sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.$table;
|
||||
$sql .= ' WHERE rowid = '.((int) $id);
|
||||
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX.$table;
|
||||
$sql .= " WHERE rowid = ".((int) $id);
|
||||
$resql = $db->query($sql);
|
||||
if ($resql) {
|
||||
$num = $db->num_rows($resql);
|
||||
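Review bot: `$table` is concatenated into the statement as an identifier, and neither the integer cast nor `escape()` can make an identifier safe, so `checkElementExist()` depends entirely on callers passing a fixed table name. Where the value comes from is not visible in this hunk; a docblock line such as `@param string $table Table name without prefix; must be a hard-coded identifier, never request data` would record that contract. The `$table` parameter in the MultiCurrency hunk that selects `multicurrency_tx` has the same property. The function body continues past the hunk.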
@ -87,8 +87,8 @@ function checkLinkedElements($sourcetype, $targettype)
|
||||
|
||||
$out = $langs->trans('SourceType').': '.$sourcetype.' => '.$langs->trans('TargetType').': '.$targettype.' ';
|
||||
|
||||
$sql = 'SELECT rowid, fk_source, fk_target FROM '.MAIN_DB_PREFIX.'element_element';
|
||||
$sql .= " WHERE sourcetype='".$db->escape($sourcetype)."' AND targettype='".$db->escape($targettype)."'";
|
||||
$sql = "SELECT rowid, fk_source, fk_target FROM ".MAIN_DB_PREFIX."element_element";
|
||||
$sql .= " WHERE sourcetype = '".$db->escape($sourcetype)."' AND targettype = '".$db->escape($targettype)."'";
|
||||
$resql = $db->query($sql);
|
||||
if ($resql) {
|
||||
$num = $db->num_rows($resql);
|
||||
@ -106,7 +106,7 @@ function checkLinkedElements($sourcetype, $targettype)
|
||||
foreach ($elements as $key => $element) {
|
||||
if (!checkElementExist($element[$sourcetype], $sourcetable) || !checkElementExist($element[$targettype], $targettable)) {
|
||||
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.'element_element';
|
||||
$sql .= ' WHERE rowid = '.((int) $key);
|
||||
$sql .= " WHERE rowid = ".((int) $key);
|
||||
$resql = $db->query($sql);
|
||||
$deleted++;
|
||||
}
|
||||
|
||||
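Review bot: `$deleted++` runs whether or not the `DELETE` succeeded, because `$resql` is assigned and never tested, so the repair report can overstate how many orphaned links were removed. Count only successful deletions: `if ($resql) { $deleted++; } else { dol_print_error($db); }`. The loop continues outside the hunk.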
@ -1180,7 +1180,7 @@ if ($ok && GETPOST('clean_perm_table', 'alpha')) {
|
||||
foreach ($conf->modules as $key => $val) {
|
||||
$listofmods .= ($listofmods ? ',' : '')."'".$val."'";
|
||||
}
|
||||
$sql = 'SELECT id, libelle as label, module from '.MAIN_DB_PREFIX.'rights_def WHERE module NOT IN ('.$db->sanitize($listofmods).') AND id > 100000';
|
||||
$sql = "SELECT id, libelle as label, module from ".MAIN_DB_PREFIX."rights_def WHERE module NOT IN (".$db->sanitize($listofmods).") AND id > 100000";
|
||||
$resql = $db->query($sql);
|
||||
if ($resql) {
|
||||
$num = $db->num_rows($resql);
|
||||
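Review bot: Each module name is wrapped in single quotes by hand in `$listofmods .= ...` and the assembled list is then passed through `$db->sanitize()`, so the `NOT IN (...)` clause is only correct if that helper leaves the quotes intact. Its definition is not visible here; if it removes quote characters by default, the list degrades to bare words and the cleanup query no longer compares against string values. Quoting and escaping each value where it is added, `"'".$db->escape($val)."'"`, and confirming what the later filter keeps, would make the quoting explicit in one place. The enclosing block starts outside the hunk.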
@ -1191,7 +1191,7 @@ if ($ok && GETPOST('clean_perm_table', 'alpha')) {
|
||||
if ($obj->id > 0) {
|
||||
print '<tr><td>Found line with id '.$obj->id.', label "'.$obj->label.'" of module "'.$obj->module.'" to delete';
|
||||
if (GETPOST('clean_perm_table', 'alpha') == 'confirmed') {
|
||||
$sqldelete = 'DELETE FROM '.MAIN_DB_PREFIX.'rights_def WHERE id = '.$obj->id;
|
||||
$sqldelete = "DELETE FROM ".MAIN_DB_PREFIX."rights_def WHERE id = ".((int) $obj->id);
|
||||
$resqldelete = $db->query($sqldelete);
|
||||
if (!$resqldelete) {
|
||||
dol_print_error($db);
|
||||
|
||||
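Review bot: `$obj->label` and `$obj->module` are printed into the table cell without HTML encoding, so whatever is stored in `rights_def` is rendered as markup on this admin repair page. Encode on output: `print '<tr><td>Found line with id '.((int) $obj->id).', label "'.dol_escape_htmltag($obj->label).'" of module "'.dol_escape_htmltag($obj->module).'" to delete';`. The surrounding loop starts outside the hunk.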
@ -430,13 +430,13 @@ class MyObject extends CommonObject
|
||||
|
||||
$records = array();
|
||||
|
||||
$sql = 'SELECT ';
|
||||
$sql = "SELECT ";
|
||||
$sql .= $this->getFieldList('t');
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.' as t';
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element." as t";
|
||||
if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 1) {
|
||||
$sql .= ' WHERE t.entity IN ('.getEntity($this->table_element).')';
|
||||
$sql .= " WHERE t.entity IN (".getEntity($this->table_element).")";
|
||||
} else {
|
||||
$sql .= ' WHERE 1 = 1';
|
||||
$sql .= " WHERE 1 = 1";
|
||||
}
|
||||
// Manage filter
|
||||
$sqlwhere = array();
|
||||
@ -908,10 +908,11 @@ class MyObject extends CommonObject
|
||||
*/
|
||||
public function info($id)
|
||||
{
|
||||
$sql = 'SELECT rowid, date_creation as datec, tms as datem,';
|
||||
$sql .= ' fk_user_creat, fk_user_modif';
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.' as t';
|
||||
$sql .= ' WHERE t.rowid = '.((int) $id);
|
||||
$sql = "SELECT rowid, date_creation as datec, tms as datem,";
|
||||
$sql .= " fk_user_creat, fk_user_modif";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element." as t";
|
||||
$sql .= " WHERE t.rowid = ".((int) $id);
|
||||
|
||||
$result = $this->db->query($sql);
|
||||
if ($result) {
|
||||
if ($this->db->num_rows($result)) {
|
||||
|
||||
@ -133,7 +133,7 @@ class MultiCurrency extends CommonObject
|
||||
$now = dol_now();
|
||||
|
||||
// Insert request
|
||||
$sql = 'INSERT INTO '.MAIN_DB_PREFIX.$this->table_element.'(';
|
||||
$sql = "INSERT INTO ".MAIN_DB_PREFIX.$this->table_element."(";
|
||||
$sql .= ' code,';
|
||||
$sql .= ' name,';
|
||||
$sql .= ' entity,';
|
||||
@ -194,7 +194,7 @@ class MultiCurrency extends CommonObject
|
||||
|
||||
global $conf;
|
||||
|
||||
$sql = 'SELECT';
|
||||
$sql = "SELECT";
|
||||
$sql .= ' c.rowid, c.name, c.code, c.entity, c.date_create, c.fk_user';
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.' AS c';
|
||||
if (!empty($code)) {
|
||||
@ -243,7 +243,7 @@ class MultiCurrency extends CommonObject
|
||||
*/
|
||||
public function fetchAllCurrencyRate()
|
||||
{
|
||||
$sql = 'SELECT cr.rowid';
|
||||
$sql = "SELECT cr.rowid";
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element_line.' as cr';
|
||||
$sql .= ' WHERE cr.fk_multicurrency = '.((int) $this->id);
|
||||
$sql .= ' ORDER BY cr.date_sync DESC';
|
||||
@ -298,10 +298,10 @@ class MultiCurrency extends CommonObject
|
||||
}
|
||||
|
||||
// Update request
|
||||
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element.' SET';
|
||||
$sql .= ' name=\''.$this->db->escape($this->name).'\'';
|
||||
$sql .= ' code=\''.$this->db->escape($this->code).'\'';
|
||||
$sql .= ' WHERE rowid='.((int) $this->id);
|
||||
$sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element." SET";
|
||||
$sql .= " name = '".$this->db->escape($this->name)."'";
|
||||
$sql .= " code = '".$this->db->escape($this->code)."'";
|
||||
$sql .= " WHERE rowid = ".((int) $this->id);
|
||||
|
||||
$this->db->begin();
|
||||
|
||||
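Review bot: The two assignments in the `SET` clause are appended with no separator, so the statement reads `SET name = '...' code = '...'` and the database will reject it; the requoting carried this over from the old lines. Add the comma on the second assignment: `$sql .= ", code = '".$this->db->escape($this->code)."'";`. The update method starts and ends outside the hunk.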
@ -362,8 +362,8 @@ class MultiCurrency extends CommonObject
|
||||
dol_syslog('Currency::delete '.join(',', $this->errors), LOG_ERR);
|
||||
}
|
||||
|
||||
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.$this->table_element;
|
||||
$sql .= ' WHERE rowid='.((int) $this->id);
|
||||
$sql = "DELETE FROM ".MAIN_DB_PREFIX.$this->table_element;
|
||||
$sql .= " WHERE rowid = ".((int) $this->id);
|
||||
|
||||
dol_syslog(__METHOD__, LOG_DEBUG);
|
||||
$resql = $this->db->query($sql);
|
||||
@ -438,7 +438,7 @@ class MultiCurrency extends CommonObject
|
||||
$currency->code = $code;
|
||||
$currency->name = $code;
|
||||
|
||||
$sql = 'SELECT label FROM '.MAIN_DB_PREFIX."c_currencies WHERE code_iso = '".$this->db->escape($code)."'";
|
||||
$sql = "SELECT label FROM ".MAIN_DB_PREFIX."c_currencies WHERE code_iso = '".$this->db->escape($code)."'";
|
||||
|
||||
dol_syslog(__METHOD__, LOG_DEBUG);
|
||||
$resql = $this->db->query($sql);
|
||||
@ -477,8 +477,8 @@ class MultiCurrency extends CommonObject
|
||||
*/
|
||||
public function getRate()
|
||||
{
|
||||
$sql = 'SELECT cr.rowid';
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element_line.' as cr';
|
||||
$sql = "SELECT cr.rowid";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element_line." as cr";
|
||||
$sql .= " WHERE cr.fk_multicurrency = ".((int) $this->id);
|
||||
$sql .= " AND cr.date_sync = (SELECT MAX(cr2.date_sync) FROM ".MAIN_DB_PREFIX.$this->table_element_line." AS cr2 WHERE cr2.fk_multicurrency = ".((int) $this->id).")";
|
||||
|
||||
@ -502,7 +502,7 @@ class MultiCurrency extends CommonObject
|
||||
{
|
||||
global $conf;
|
||||
|
||||
$sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX."multicurrency WHERE code = '".$db->escape($code)."' AND entity = ".$conf->entity;
|
||||
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."multicurrency WHERE code = '".$db->escape($code)."' AND entity = ".$conf->entity;
|
||||
|
||||
dol_syslog(__METHOD__, LOG_DEBUG);
|
||||
$resql = $db->query($sql);
|
||||
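Review bot: `$conf->entity` is appended to the `WHERE` clause uncast, while the other numeric values touched by this commit are wrapped in an integer cast, and the product-page hunk already writes `((int) $conf->entity)`. Casting here keeps the query numeric regardless of how the configuration value was populated: `... AND entity = ".((int) $conf->entity);`. The method body continues below the hunk.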
@ -527,7 +527,7 @@ class MultiCurrency extends CommonObject
|
||||
{
|
||||
global $conf;
|
||||
|
||||
$sql1 = 'SELECT m.rowid, mc.rate FROM '.MAIN_DB_PREFIX.'multicurrency m';
|
||||
$sql1 = "SELECT m.rowid, mc.rate FROM ".MAIN_DB_PREFIX."multicurrency m";
|
||||
|
||||
$sql1 .= ' LEFT JOIN '.MAIN_DB_PREFIX.'multicurrency_rate mc ON (m.rowid = mc.fk_multicurrency)';
|
||||
$sql1 .= " WHERE m.code = '".$db->escape($code)."'";
|
||||
@ -537,7 +537,7 @@ class MultiCurrency extends CommonObject
|
||||
$tmparray = dol_getdate($date_document);
|
||||
$sql2 .= " AND mc.date_sync <= '".$db->idate(dol_mktime(23, 59, 59, $tmparray['mon'], $tmparray['mday'], $tmparray['year'], true))."'";
|
||||
}
|
||||
$sql3 = ' ORDER BY mc.date_sync DESC LIMIT 1';
|
||||
$sql3 = " ORDER BY mc.date_sync DESC LIMIT 1";
|
||||
|
||||
dol_syslog(__METHOD__, LOG_DEBUG);
|
||||
$resql = $db->query($sql1.$sql2.$sql3);
|
||||
@ -591,7 +591,7 @@ class MultiCurrency extends CommonObject
|
||||
{
|
||||
global $db;
|
||||
|
||||
$sql = 'SELECT multicurrency_tx FROM '.MAIN_DB_PREFIX.$table.' WHERE rowid = '.((int) $fk_facture);
|
||||
$sql = "SELECT multicurrency_tx FROM ".MAIN_DB_PREFIX.$table." WHERE rowid = ".((int) $fk_facture);
|
||||
|
||||
dol_syslog(__METHOD__, LOG_DEBUG);
|
||||
$resql = $db->query($sql);
|
||||
@ -773,7 +773,7 @@ class CurrencyRate extends CommonObjectLine
|
||||
$now = empty($this->date_sync) ? dol_now() : $this->date_sync;
|
||||
|
||||
// Insert request
|
||||
$sql = 'INSERT INTO '.MAIN_DB_PREFIX.$this->table_element.'(';
|
||||
$sql = "INSERT INTO ".MAIN_DB_PREFIX.$this->table_element."(";
|
||||
$sql .= ' rate,';
|
||||
$sql .= ' date_sync,';
|
||||
$sql .= ' fk_multicurrency,';
|
||||
@ -829,9 +829,9 @@ class CurrencyRate extends CommonObjectLine
|
||||
{
|
||||
dol_syslog('CurrencyRate::fetch', LOG_DEBUG);
|
||||
|
||||
$sql = 'SELECT cr.rowid, cr.rate, cr.date_sync, cr.fk_multicurrency, cr.entity';
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.' AS cr';
|
||||
$sql .= ' WHERE cr.rowid = '.((int) $id);
|
||||
$sql = "SELECT cr.rowid, cr.rate, cr.date_sync, cr.fk_multicurrency, cr.entity";
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element." AS cr";
|
||||
$sql .= " WHERE cr.rowid = ".((int) $id);
|
||||
|
||||
dol_syslog(__METHOD__, LOG_DEBUG);
|
||||
$resql = $this->db->query($sql);
|
||||
@ -878,15 +878,15 @@ class CurrencyRate extends CommonObjectLine
|
||||
$this->rate = price2num($this->rate);
|
||||
|
||||
// Update request
|
||||
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element;
|
||||
$sql .= "SET rate =".((float) $this->rate);
|
||||
$sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element;
|
||||
$sql .= "SET rate = ".((float) $this->rate);
|
||||
if (!empty($this->date_sync)) {
|
||||
$sql .= ", date_sync='".$this->db->idate($this->date_sync)."'";
|
||||
$sql .= ", date_sync = '".$this->db->idate($this->date_sync)."'";
|
||||
}
|
||||
if (!empty($this->fk_multicurrency)) {
|
||||
$sql .= ', fk_multicurrency='.((int) $this->fk_multicurrency);
|
||||
$sql .= ', fk_multicurrency = '.((int) $this->fk_multicurrency);
|
||||
}
|
||||
$sql .= ' WHERE rowid='.((int) $this->id);
|
||||
$sql .= " WHERE rowid =".((int) $this->id);
|
||||
|
||||
$this->db->begin();
|
||||
|
||||
|
||||
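Review bot: `"SET rate = "` has no leading space, so it is glued to the table name and the statement becomes `UPDATE <prefix><table>SET rate = ...`, which is not valid SQL; the requoting carried this over from the old line. Write `$sql .= " SET rate = ".((float) $this->rate);`. The closing line also ends up as `rowid =` without the spacing used elsewhere in the commit, so `$sql .= " WHERE rowid = ".((int) $this->id);` would match. The method starts and ends outside the hunk.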
@ -5087,7 +5087,7 @@ class Product extends CommonObject
|
||||
$langs->load('products');
|
||||
|
||||
if (isset($this->finished) && $this->finished >= 0) {
|
||||
$sql = 'SELECT label, code FROM '.MAIN_DB_PREFIX.'c_product_nature where code='.((int) $this->finished).' AND active=1';
|
||||
$sql = "SELECT label, code FROM ".MAIN_DB_PREFIX."c_product_nature where code = ".((int) $this->finished)." AND active=1";
|
||||
$resql = $this->db->query($sql);
|
||||
if ($resql && $this->db->num_rows($resql) > 0) {
|
||||
$res = $this->db->fetch_array($resql);
|
||||
|
||||
@ -683,7 +683,7 @@ if ($id > 0 || $ref) {
|
||||
print '</td></tr>';
|
||||
|
||||
$currencies = array();
|
||||
$sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.'multicurrency WHERE entity = '.((int) $conf->entity);
|
||||
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."multicurrency WHERE entity = ".((int) $conf->entity);
|
||||
$resql = $db->query($sql);
|
||||
if ($resql) {
|
||||
$currency = new MultiCurrency($db);
|
||||
|
||||
@ -819,7 +819,7 @@ class Entrepot extends CommonObject
|
||||
$parentid = $this->fk_parent; // If parent_id not defined on current object, we do not start consecutive searches of parents
|
||||
$i = 0;
|
||||
while ($parentid > 0 && $i < $protection) {
|
||||
$sql = 'SELECT fk_parent FROM '.MAIN_DB_PREFIX.'entrepot WHERE rowid = '.((int) $parentid);
|
||||
$sql = "SELECT fk_parent FROM ".MAIN_DB_PREFIX."entrepot WHERE rowid = ".((int) $parentid);
|
||||
$resql = $this->db->query($sql);
|
||||
if ($resql) {
|
||||
$objarbo = $this->db->fetch_object($resql);
|
||||
|
||||
@ -706,9 +706,9 @@ class Project extends CommonObject
|
||||
} elseif ($type == 'project_task_time') { // Case we want to duplicate line foreach user
|
||||
$sql = "SELECT DISTINCT pt.rowid, ptt.fk_user FROM ".MAIN_DB_PREFIX."projet_task as pt, ".MAIN_DB_PREFIX."projet_task_time as ptt WHERE pt.rowid = ptt.fk_task AND pt.fk_projet IN (".$this->db->sanitize($ids).")";
|
||||
} elseif ($type == 'stock_mouvement') {
|
||||
$sql = 'SELECT ms.rowid, ms.fk_user_author as fk_user FROM '.MAIN_DB_PREFIX."stock_mouvement as ms, ".MAIN_DB_PREFIX."entrepot as e WHERE e.rowid = ms.fk_entrepot AND e.entity IN (".getEntity('stock').") AND ms.origintype = 'project' AND ms.fk_origin IN (".$this->db->sanitize($ids).") AND ms.type_mouvement = 1";
|
||||
$sql = "SELECT ms.rowid, ms.fk_user_author as fk_user FROM ".MAIN_DB_PREFIX."stock_mouvement as ms, ".MAIN_DB_PREFIX."entrepot as e WHERE e.rowid = ms.fk_entrepot AND e.entity IN (".getEntity('stock').") AND ms.origintype = 'project' AND ms.fk_origin IN (".$this->db->sanitize($ids).") AND ms.type_mouvement = 1";
|
||||
} elseif ($type == 'loan') {
|
||||
$sql = 'SELECT l.rowid, l.fk_user_author as fk_user FROM '.MAIN_DB_PREFIX."loan as l WHERE l.entity IN (".getEntity('loan').") AND l.fk_projet IN (".$this->db->sanitize($ids).")";
|
||||
$sql = "SELECT l.rowid, l.fk_user_author as fk_user FROM ".MAIN_DB_PREFIX."loan as l WHERE l.entity IN (".getEntity('loan').") AND l.fk_projet IN (".$this->db->sanitize($ids).")";
|
||||
} else {
|
||||
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX.$tablename." WHERE ".$projectkey." IN (".$this->db->sanitize($ids).") AND entity IN (".getEntity($type).")";
|
||||
}
|
||||
@ -952,9 +952,9 @@ class Project extends CommonObject
|
||||
} elseif ($type == 'project_task_time') { // Case we want to duplicate line foreach user
|
||||
$sql = "SELECT DISTINCT COUNT(pt.rowid) as nb FROM ".MAIN_DB_PREFIX."projet_task as pt, ".MAIN_DB_PREFIX."projet_task_time as ptt WHERE pt.rowid = ptt.fk_task AND pt.fk_projet = ".((int) $this->id);
|
||||
} elseif ($type == 'stock_mouvement') {
|
||||
$sql = 'SELECT COUNT(ms.rowid) as nb FROM '.MAIN_DB_PREFIX."stock_mouvement as ms, ".MAIN_DB_PREFIX."entrepot as e WHERE e.rowid = ms.fk_entrepot AND e.entity IN (".getEntity('stock').") AND ms.origintype = 'project' AND ms.fk_origin = ".((int) $this->id)." AND ms.type_mouvement = 1";
|
||||
$sql = "SELECT COUNT(ms.rowid) as nb FROM ".MAIN_DB_PREFIX."stock_mouvement as ms, ".MAIN_DB_PREFIX."entrepot as e WHERE e.rowid = ms.fk_entrepot AND e.entity IN (".getEntity('stock').") AND ms.origintype = 'project' AND ms.fk_origin = ".((int) $this->id)." AND ms.type_mouvement = 1";
|
||||
} elseif ($type == 'loan') {
|
||||
$sql = 'SELECT COUNT(l.rowid) as nb FROM '.MAIN_DB_PREFIX."loan as l WHERE l.entity IN (".getEntity('loan').") AND l.fk_projet = ".((int) $this->id);
|
||||
$sql = "SELECT COUNT(l.rowid) as nb FROM ".MAIN_DB_PREFIX."loan as l WHERE l.entity IN (".getEntity('loan').") AND l.fk_projet = ".((int) $this->id);
|
||||
} else {
|
||||
$sql = "SELECT COUNT(rowid) as nb FROM ".MAIN_DB_PREFIX.$tablename." WHERE ".$projectkey." = ".((int) $this->id)." AND entity IN (".getEntity($type).")";
|
||||
}
|
||||
|
||||
@ -948,9 +948,10 @@ class Reception extends CommonObject
|
||||
}
|
||||
|
||||
if (!$error) {
|
||||
$main = MAIN_DB_PREFIX.'commande_fournisseur_dispatch';
|
||||
$ef = $main."_extrafields";
|
||||
$sqlef = "DELETE FROM $ef WHERE fk_object IN (SELECT rowid FROM $main WHERE fk_reception = ".((int) $this->id).")";
|
||||
$main = MAIN_DB_PREFIX.'commande_fournisseur_dispatch';
|
||||
$ef = $main."_extrafields";
|
||||
|
||||
$sqlef = "DELETE FROM ".$ef." WHERE fk_object IN (SELECT rowid FROM ".$main." WHERE fk_reception = ".((int) $this->id).")";
|
||||
|
||||
$sql = "DELETE FROM ".MAIN_DB_PREFIX."commande_fournisseur_dispatch";
|
||||
$sql .= " WHERE fk_reception = ".((int) $this->id);
|
||||
@ -1044,7 +1045,8 @@ class Reception extends CommonObject
|
||||
{
|
||||
// phpcs:enable
|
||||
dol_include_once('/fourn/class/fournisseur.commande.dispatch.class.php');
|
||||
$sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.'commande_fournisseur_dispatch WHERE fk_reception='.((int) $this->id);
|
||||
|
||||
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."commande_fournisseur_dispatch WHERE fk_reception = ".((int) $this->id);
|
||||
$resql = $this->db->query($sql);
|
||||
|
||||
if (!empty($resql)) {
|
||||
|
||||
@ -3743,7 +3743,7 @@ class Societe extends CommonObject
|
||||
public function has_projects()
|
||||
{
|
||||
// phpcs:enable
|
||||
$sql = 'SELECT COUNT(*) as numproj FROM '.MAIN_DB_PREFIX.'projet WHERE fk_soc = '.((int) $this->id);
|
||||
$sql = "SELECT COUNT(*) as numproj FROM ".MAIN_DB_PREFIX."projet WHERE fk_soc = ".((int) $this->id);
|
||||
$resql = $this->db->query($sql);
|
||||
if ($resql) {
|
||||
$obj = $this->db->fetch_object($resql);
|
||||
|
||||
@ -297,8 +297,8 @@ class Website extends CommonObject
|
||||
{
|
||||
dol_syslog(__METHOD__, LOG_DEBUG);
|
||||
|
||||
$sql = 'SELECT';
|
||||
$sql .= ' t.rowid,';
|
||||
$sql = "SELECT";
|
||||
$sql .= " t.rowid,";
|
||||
$sql .= " t.entity,";
|
||||
$sql .= " t.ref,";
|
||||
$sql .= " t.position,";
|
||||
@ -313,12 +313,12 @@ class Website extends CommonObject
|
||||
$sql .= " t.fk_user_modif,";
|
||||
$sql .= " t.date_creation,";
|
||||
$sql .= " t.tms as date_modification";
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.' as t';
|
||||
$sql .= ' WHERE t.entity IN ('.getEntity('website').')';
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element." as t";
|
||||
$sql .= " WHERE t.entity IN (".getEntity('website').")";
|
||||
if (!empty($ref)) {
|
||||
$sql .= " AND t.ref = '".$this->db->escape($ref)."'";
|
||||
} else {
|
||||
$sql .= ' AND t.rowid = '.(int) $id;
|
||||
$sql .= " AND t.rowid = ".(int) $id;
|
||||
}
|
||||
|
||||
$resql = $this->db->query($sql);
|
||||
@ -395,8 +395,8 @@ class Website extends CommonObject
|
||||
{
|
||||
dol_syslog(__METHOD__, LOG_DEBUG);
|
||||
|
||||
$sql = 'SELECT';
|
||||
$sql .= ' t.rowid,';
|
||||
$sql = "SELECT";
|
||||
$sql .= " t.rowid,";
|
||||
$sql .= " t.entity,";
|
||||
$sql .= " t.ref,";
|
||||
$sql .= " t.description,";
|
||||
@ -409,8 +409,8 @@ class Website extends CommonObject
|
||||
$sql .= " t.fk_user_modif,";
|
||||
$sql .= " t.date_creation,";
|
||||
$sql .= " t.tms as date_modification";
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.' as t';
|
||||
$sql .= ' WHERE t.entity IN ('.getEntity('website').')';
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element." as t";
|
||||
$sql .= " WHERE t.entity IN (".getEntity('website').")";
|
||||
// Manage filter
|
||||
$sqlwhere = array();
|
||||
if (count($filter) > 0) {
|
||||
@ -1252,7 +1252,7 @@ class Website extends CommonObject
|
||||
|
||||
// Read record of website that has been updated by the run_sql function previously called so we can get the
|
||||
// value of fk_default_home that is ID of home page
|
||||
$sql = 'SELECT fk_default_home FROM '.MAIN_DB_PREFIX.'website WHERE rowid = '.((int) $object->id);
|
||||
$sql = "SELECT fk_default_home FROM ".MAIN_DB_PREFIX."website WHERE rowid = ".((int) $object->id);
|
||||
$resql = $this->db->query($sql);
|
||||
if ($resql) {
|
||||
$obj = $this->db->fetch_object($resql);
|
||||
@ -1297,7 +1297,7 @@ class Website extends CommonObject
|
||||
|
||||
$objectpagestatic = new WebsitePage($this->db);
|
||||
|
||||
$sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.'website_page WHERE fk_website = '.((int) $this->id);
|
||||
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."website_page WHERE fk_website = ".((int) $this->id);
|
||||
|
||||
$resql = $this->db->query($sql);
|
||||
if (!$resql) {
|
||||
|
||||
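Review bot: In the `@ -313,12 +313,12 @` hunk, `$sql .= " AND t.rowid = ".(int) $id;` is the only integer concatenation in these Website hunks that is not written in the `((int) ...)` form. The cast binds tighter than `.`, so the query is still correct. The other ids touched here (`((int) $object->id)`, `((int) $this->id)`) all use the parenthesised form, and a single shape is easier for reviewers and pattern-based lint checks to recognise as "cast present". I would write `$sql .= " AND t.rowid = ".((int) $id);`. The enclosing method starts and ends outside the hunk.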
@ -3825,7 +3825,7 @@ if ($action == 'editmeta' || $action == 'createcontainer') { // Edit properties
|
||||
print '</td><td>';
|
||||
if ($action != 'createcontainer') {
|
||||
// Has translation pages
|
||||
$sql = 'SELECT rowid, lang from '.MAIN_DB_PREFIX.'website_page where fk_page = '.((int) $objectpage->id);
|
||||
$sql = "SELECT rowid, lang from ".MAIN_DB_PREFIX."website_page where fk_page = ".((int) $objectpage->id);
|
||||
$resql = $db->query($sql);
|
||||
if ($resql) {
|
||||
$num_rows = $db->num_rows($resql);
|
||||
|
||||
@ -298,7 +298,7 @@ class CodingPhpTest extends PHPUnit\Framework\TestCase
|
||||
$this->assertTrue($ok, 'Found non quoted or not casted var into sql request '.$file['relativename'].' - Bad.');
|
||||
//exit;
|
||||
|
||||
// Check that forged sql string is using " as string PHP quotes
|
||||
// Check that forged sql string is using ' instead of " as string PHP quotes
|
||||
$ok=true;
|
||||
$matches=array();
|
||||
preg_match_all('/\$sql \.= \'\s*VALUES.*\$/', $filecontent, $matches, PREG_SET_ORDER);
|
||||
@ -314,18 +314,16 @@ class CodingPhpTest extends PHPUnit\Framework\TestCase
|
||||
$this->assertTrue($ok, 'Found a forged SQL string that mix on same line the use of \' for PHP string and PHP variables into file '.$file['relativename'].' Use " to forge PHP string like this: $sql = "SELET ".$myvar...');
|
||||
//exit;
|
||||
|
||||
// Check that forged sql string is using " as string PHP quotes
|
||||
/*
|
||||
// Check that forged sql string is using ' instead of " as string PHP quotes
|
||||
$ok=true;
|
||||
$matches=array();
|
||||
preg_match_all('/\$sql \.*= \'SELECT.*\$/', $filecontent, $matches, PREG_SET_ORDER);
|
||||
preg_match_all('/\$sql \.?= \'SELECT.*\$/', $filecontent, $matches, PREG_SET_ORDER);
|
||||
foreach ($matches as $key => $val) {
|
||||
var_dump($matches);
|
||||
$ok=false;
|
||||
break;
|
||||
}
|
||||
$this->assertTrue($ok, 'Found a forged SQL string that mix on same line the use of \' for PHP string and PHP variables into file '.$file['relativename'].' Use " to forge PHP string like this: $sql = "SELET ".$myvar...');
|
||||
*/
|
||||
|
||||
// Check sql string VALUES ... , ".$xxx
|
||||
// with xxx that is not 'db-' (for $db->escape). It means we forget a ' if string, or an (int) if int, when forging sql request.
|
||||
|
||||
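Review bot: The SELECT quoting check in the `@ -314,18 +314,16 @` hunk is narrow and gives poor output when it fails. The pattern `/\$sql \.?= \'SELECT.*\$/` only matches a variable named exactly `$sql`, a single space before the operator and an upper-case `SELECT`. Single-quoted `FROM`, `WHERE` or `DELETE` fragments that concatenate variables, such as the `$sql .= ' FROM '.MAIN_DB_PREFIX...` lines this commit fixes by hand, are therefore not covered. It is a convention lint, and the earlier "non quoted or not casted var" assertion is still the check that matters for injection. The `var_dump($matches);` inside the loop appears to remain on the new side (the page has lost its +/- markers) and dumps the whole match array into the test output; I would drop it and put the first offending line, `$val[0]`, into the assertion message instead. The message example should also read `$sql = "SELECT ".$myvar...` rather than `SELET`.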