FIX #21128
This commit is contained in:
Laurent Destailleur
parent
fc0f624445
commit
418bd481f3
@ -846,12 +846,15 @@ if (empty($reshook)) {
|
||||
$_POST["code"] = preg_replace('/[^a-zA-Z0-9\-\+]/', '', GETPOST("code"));
|
||||
}
|
||||
|
||||
$tablename = $tabname[$id];
|
||||
$tablename = preg_replace('/^'.preg_quote(MAIN_DB_PREFIX, '/').'/', '', $tablename);
|
||||
|
||||
// If check ok and action add, add the line
|
||||
if ($ok && GETPOST('actionadd')) {
|
||||
if ($tabrowid[$id]) {
|
||||
// Get free id for insert
|
||||
$newid = 0;
|
||||
$sql = "SELECT MAX(".$tabrowid[$id].") as newid FROM ".MAIN_DB_PREFIX.$tabname[$id];
|
||||
$sql = "SELECT MAX(".$tabrowid[$id].") as newid FROM ".MAIN_DB_PREFIX.$tablename;
|
||||
$result = $db->query($sql);
|
||||
if ($result) {
|
||||
$obj = $db->fetch_object($result);
|
||||
@ -862,7 +865,7 @@ if (empty($reshook)) {
|
||||
}
|
||||
|
||||
// Add new entry
|
||||
$sql = "INSERT INTO ".MAIN_DB_PREFIX.$tabname[$id]." (";
|
||||
$sql = "INSERT INTO ".MAIN_DB_PREFIX.$tablename." (";
|
||||
// List of fields
|
||||
if ($tabrowid[$id] && !in_array($tabrowid[$id], $listfieldinsert)) {
|
||||
$sql .= $tabrowid[$id].",";
|
||||
@ -887,7 +890,7 @@ if (empty($reshook)) {
|
||||
} elseif ($value == 'taux' || $value == 'localtax1') {
|
||||
$_POST[$keycode] = price2num(GETPOST($keycode), 8); // Note that localtax2 can be a list of rates separated by coma like X:Y:Z
|
||||
} elseif ($value == 'entity') {
|
||||
$_POST[$keycode] = getEntity($tabname[$id]);
|
||||
$_POST[$keycode] = getEntity($tablename);
|
||||
}
|
||||
|
||||
if ($i) {
|
||||
@ -938,7 +941,7 @@ if (empty($reshook)) {
|
||||
}
|
||||
|
||||
// Modify entry
|
||||
$sql = "UPDATE ".MAIN_DB_PREFIX.$tabname[$id]." SET ";
|
||||
$sql = "UPDATE ".MAIN_DB_PREFIX.$tablename." SET ";
|
||||
// Modifie valeur des champs
|
||||
if ($tabrowid[$id] && !in_array($tabrowid[$id], $listfieldmodify)) {
|
||||
$sql .= $tabrowid[$id]."=";
|
||||
@ -956,7 +959,7 @@ if (empty($reshook)) {
|
||||
} elseif ($field == 'taux' || $field == 'localtax1') {
|
||||
$_POST[$keycode] = price2num(GETPOST($keycode), 8); // Note that localtax2 can be a list of rates separated by coma like X:Y:Z
|
||||
} elseif ($field == 'entity') {
|
||||
$_POST[$keycode] = getEntity($tabname[$id]);
|
||||
$_POST[$keycode] = getEntity($tablename);
|
||||
}
|
||||
|
||||
if ($i) {
|
||||
@ -983,7 +986,7 @@ if (empty($reshook)) {
|
||||
$sql .= " WHERE ".$rowidcol." = ".((int) $rowid);
|
||||
}
|
||||
if (in_array('entity', $listfieldmodify)) {
|
||||
$sql .= " AND entity = ".((int) getEntity($tabname[$id], 0));
|
||||
$sql .= " AND entity = ".((int) getEntity($tablename, 0));
|
||||
}
|
||||
|
||||
dol_syslog("actionmodify", LOG_DEBUG);
|
||||
@ -1002,7 +1005,10 @@ if (empty($reshook)) {
|
||||
$rowidcol = "rowid";
|
||||
}
|
||||
|
||||
$sql = "DELETE FROM ".MAIN_DB_PREFIX.$tabname[$id]." WHERE ".$rowidcol." = '".$db->escape($rowid)."'".($entity != '' ? " AND entity = ".(int) $entity : '');
|
||||
$tablename = $tabname[$id];
|
||||
$tablename = preg_replace('/^'.preg_quote(MAIN_DB_PREFIX, '/').'/', '', $tablename);
|
||||
|
||||
$sql = "DELETE FROM ".MAIN_DB_PREFIX.$tablename." WHERE ".$rowidcol." = '".$db->escape($rowid)."'".($entity != '' ? " AND entity = ".(int) $entity : '');
|
||||
|
||||
dol_syslog("delete", LOG_DEBUG);
|
||||
$result = $db->query($sql);
|
||||
|
||||
Loading…
Reference in New Issue
Block a user