lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

A vrifier mais j'ai du ajouter encore des addslashes car il ne prenait plus les quotes

Browse Source 
dans le libell, la description et note
This commit is contained in:
Regis Houssin 2006-06-07 16:02:18 +00:00
parent f71b505445
commit 75bcf8a48f
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
htdocs/product.class.php
View File

@ -208,9 +208,9 @@ class Product
if (! $this->libelle) $this->libelle = 'LIBELLE MANQUANT';
$this->ref = trim(sanitize_string($this->ref));
$this->libelle = trim($this->libelle);
$this->description = trim($this->description);
$this->note = trim($this->note);
$this->libelle = trim(addslashes($this->libelle));
$this->description = trim(addslashes($this->description));
$this->note = trim(addslashes($this->note));
$sql = "UPDATE ".MAIN_DB_PREFIX."product ";
$sql .= " SET label = '" . addslashes($this->libelle) ."'";

2
htdocs/product/fiche.php
View File

@ -121,7 +121,7 @@ if ($_POST["action"] == 'update' &&
$product->ref = stripslashes($_POST["ref"]);
$product->libelle = stripslashes($_POST["libelle"]);
if ( isset( $_POST["price"] ) )
$product->price = stripslashes($_POST["price"]);
$product->price = stripslashes($_POST["price"]);
$product->tva_tx = $_POST["tva_tx"];
$product->description = stripslashes($_POST["desc"]);
$product->note = stripslashes($_POST["note"]);