Clean sql

Laurent Destailleur 2021-04-30 10:57:21 +02:00
parent 8e1ba67928
commit 5a1f2db024
4 changed files with 14 additions and 13 deletions


@ -355,7 +355,7 @@ class FormAdvTargetEmailing extends Form
$sql = "SELECT c.rowid, c.name, c.fk_element";
$sql .= " FROM ".MAIN_DB_PREFIX."advtargetemailing as c";
$sql .= " WHERE type_element='$type_element'";
$sql .= " WHERE type_element = '".$this->db->escape($type_element)."'";
$sql .= " ORDER BY c.name";
dol_syslog(__METHOD__, LOG_DEBUG);
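Review bot: The rewritten `WHERE` line leaves `type_element` unqualified while the select list uses the `c.` alias; `$sql .= " WHERE c.type_element = '".$this->db->escape($type_element)."'";` would keep the statement consistent and unambiguous if a join is added later. The escaped value is correctly kept inside single quotes, which is what `escape()` relies on. The enclosing method starts and ends outside the hunk.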


@ -352,9 +352,10 @@ class Localtax extends CommonObject
{
// phpcs:enable
$sql = "SELECT sum(f.localtax) as amount";
$sql .= " FROM ".MAIN_DB_PREFIX."facture as f WHERE f.paye = 1";
$sql .= " FROM ".MAIN_DB_PREFIX."facture as f";
$sql .= " WHERE f.paye = 1";
if ($year) {
$sql .= " AND f.datef >= '$year-01-01' AND f.datef <= '$year-12-31' ";
$sql .= " AND f.datef BETWEEN '".$this->db->idate(dol_get_first_day($year, 1, 'gmt'))."' AND '".$this->db->idate(dol_get_last_day($year, 1, 'gmt'))."'";
}
$result = $this->db->query($sql);
@ -388,7 +389,7 @@ class Localtax extends CommonObject
$sql = "SELECT sum(f.total_localtax) as total_localtax";
$sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f";
if ($year) {
$sql .= " WHERE f.datef >= '$year-01-01' AND f.datef <= '$year-12-31' ";
$sql .= " WHERE f.datef BETWEEN '".$this->db->idate(dol_get_first_day($year, 1, 'gmt'))."' AND '".$this->db->idate(dol_get_last_day($year, 1, 'gmt'))."'";
}
$result = $this->db->query($sql);
@ -423,7 +424,7 @@ class Localtax extends CommonObject
$sql = "SELECT sum(f.amount) as amount";
$sql .= " FROM ".MAIN_DB_PREFIX."localtax as f";
if ($year) {
$sql .= " WHERE f.datev >= '$year-01-01' AND f.datev <= '$year-12-31' ";
$sql .= " WHERE f.datev BETWEEN '".$this->db->idate(dol_get_first_day($year, 1, 'gmt'))."' AND '".$this->db->idate(dol_get_last_day($year, 1, 'gmt'))."'";
}
$result = $this->db->query($sql);
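Review bot: The new upper bound `dol_get_last_day($year, 1, 'gmt')` passes month 1, so the `BETWEEN` range appears to end on 31 January instead of the `$year-12-31` that the removed line used; the stock-movement PDF code in this same commit passes 12 for its full-year range. The same argument is used in all three hunks of this file (the `facture`, `facture_fourn` and `localtax` sums), so each yearly total would silently cover one month only. The second call in each should read `dol_get_last_day($year, 12, 'gmt')`. The enclosing methods start and end outside the hunks, so how `$year` is validated before it reaches them is not visible here.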


@ -303,13 +303,13 @@ class pdf_stdandard extends ModelePDFMovement
$sql .= " AND p.fk_product_type = 0";
}
if ($id > 0) {
$sql .= " AND e.rowid ='".$id."'";
$sql .= " AND e.rowid = ".((int) $id);
}
if ($month > 0) {
if ($year > 0) {
$sql .= " AND m.datem BETWEEN '".$this->db->idate(dol_get_first_day($year, $month, false))."' AND '".$this->db->idate(dol_get_last_day($year, $month, false))."'";
} else {
$sql .= " AND date_format(m.datem, '%m') = '$month'";
$sql .= " AND date_format(m.datem, '%m') = '".((int) $month)."'";
}
} elseif ($year > 0) {
$sql .= " AND m.datem BETWEEN '".$this->db->idate(dol_get_first_day($year, 1, false))."' AND '".$this->db->idate(dol_get_last_day($year, 12, false))."'";
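Review bot: In the `else` branch that filters on a month without a year, `date_format(m.datem, '%m')` yields a zero-padded two-character string on MySQL, while `'".((int) $month)."'` produces `'1'` to `'9'` for the first nine months, so the string comparison would not match for those months. The cast is the right way to neutralise the value; it only needs padding, for example `$sql .= " AND date_format(m.datem, '%m') = '".sprintf('%02d', (int) $month)."'";`. Whether callers previously passed an already padded `$month` is not visible in this hunk, and the function body continues outside it.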


@ -1624,11 +1624,11 @@ class Thirdparties extends DolibarrApi
}
/**
* Update specified values of a specific site gateway attached to a thirdparty
* Update specified values of a specific gateway attached to a thirdparty
*
* @param int $id Id of thirdparty
* @param string $site Site key
* @param array $request_data Request data
* @param int $id Id of thirdparty
* @param string $site Site key
* @param array $request_data Request data
*
* @return array|mixed
*
@ -1645,7 +1645,7 @@ class Thirdparties extends DolibarrApi
throw new RestException(401);
}
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."societe_account WHERE fk_soc = $id AND site = '$site' ";
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."societe_account WHERE fk_soc = ".((int) $id)." AND site = '".$this->db->escape($site)."'";
$result = $this->db->query($sql);
if ($result && $this->db->num_rows($result) == 0) {
@ -1657,7 +1657,7 @@ class Thirdparties extends DolibarrApi
$result = $this->db->query($sql);
if ($result && $this->db->num_rows($result) !== 0) {
throw new RestException(409, "You are trying to update this thirdparty SocieteAccount (gateway record) site member from $site to ".$request_data['site']." but another SocieteAccount entity already exists for this thirdparty with this site key.");
throw new RestException(409, "You are trying to update this thirdparty SocieteAccount (gateway record) site member from ".$site." to ".$request_data['site']." but another SocieteAccount entity already exists for this thirdparty with this site key.");
}
}
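Review bot: The query executed at the first line of the last hunk uses a `$sql` string assembled on lines that fall between the second and third hunks and are not shown, and the 409 message suggests it looks up `$request_data['site']`. If that statement still concatenates `$id` and `$request_data['site']` the way the removed line did with `$site`, it needs the same treatment as the fixed query, `((int) $id)` and `$this->db->escape($request_data['site'])`, because `$request_data` is request input. The change to the exception message only alters how the string is built; it still echoes both site keys back to the API client. The method body starts and ends outside the hunks.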